Windows/FreeBSD VPNs

Murray Taylor MTaylor at bytecraft.com.au
Mon Nov 28 23:05:10 GMT 2005


 

> -----Original Message-----
> From: owner-freebsd-questions at freebsd.org 
> [mailto:owner-freebsd-questions at freebsd.org] On Behalf Of 
> Nathan Vidican
> Sent: Tuesday, November 29, 2005 12:31 AM
> To: Dave
> Cc: questions at freebsd.org
> Subject: Re: Windows/FreeBSD VPNs
> 
> Dave wrote:
> > Hello,
> > Do you use mpd through a firewall? If so, how do you deal 
> with the gre 
> > protocol? I've not been able to get that going through a 
> firewall. Can i 
> > see your server/client configs? I'm wanting to compare your working 
> > windows one to my nonworking setup.
> > Thanks.
> > Dave.
> > 
> > ----- Original Message ----- From: "Nathan Vidican" 
> <nvidican at wmptl.com>
> > To: "Hexren" <me at hexren.net>
> > Cc: <questions at freebsd.org>; <dscheidt at panix.com>
> > Sent: Friday, November 25, 2005 9:36 AM
> > Subject: Re: Windows/FreeBSD VPNs
> > 
> > 
> >> Hexren wrote:
> >>
> >>>> I need to set up a VPN so a remote windows client can access some
> >>>> Samba shares.  All of the documentation I've found are 
> for FreeBSD to
> >>>> FreeBSD tunnels, not for a client connecting directly.  
> Pointers to
> >>>> documentation?
> >>>
> >>>
> >>>
> >>>
> >>>> David
> >>>> _______________________________________________
> >>>> freebsd-questions at freebsd.org mailing list
> >>>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> >>>> To unsubscribe, send any mail to 
> >>>> "freebsd-questions-unsubscribe at freebsd.org"
> >>>
> >>>
> >>>
> >>> ---------------------------------------------
> >>>
> >>> In your situation I tried openvpn and found it very 
> comfortable to set
> >>> up and maintain. There is a freebsd port and packages for 
> some systems
> >>> are avaiable. (that includes MS Windows)
> >>>
> >>> http://openvpn.net/
> >>>
> >>> Regards
> >>> Hexren
> >>>
> >>> _______________________________________________
> >>> freebsd-questions at freebsd.org mailing list
> >>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> >>> To unsubscribe, send any mail to 
> >>> "freebsd-questions-unsubscribe at freebsd.org"
> >>>
> >>>
> >>
> >> MPD - also in the ports collection, does PPTP and IPSEC 
> tunnels, you 
> >> do not need anything for windows 2000 upwards to connect, 
> though you 
> >> will need an add-on to win98 dial-up-networking to do 
> ipsec. Fairly 
> >> straight-forward install, runs clean, and documentation available.
> >>
> >> -- 
> >> Nathan Vidican
> >> nvidican at wmptl.com
> >> Windsor Match Plate & Tool Ltd.
> >> http://www.wmptl.com/
> >> _______________________________________________
> >> freebsd-questions at freebsd.org mailing list
> >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> >> To unsubscribe, send any mail to 
> >> "freebsd-questions-unsubscribe at freebsd.org" 
> > 
> > 
> > 
> > 
> Actually, I have not got an install of mpd running right now 
> - used to run it 
> from my office, but that office has since closed and I am 
> employed elsewhere 
> now. When I did have it running, I had a dual-homed machine 
> which had an outside 
> (static valid internet IP) and an inside interface to the 
> LAN. The building at 
> the time actually had 5 different networks, so routing and 
> firewalling were a 
> little more complex than most - but if I recall, each login 
> via mpd get's it's 
> own aliased interface on the FreeBSD machine, so just create 
> your firewall rules 
> appropriately. - Not sure how/if you can run mpd through NAT 
> if that's what you 
> were asking.

Here are my ipf rules for VPN usage. And yes I am using ipnat also
(with nothing special there for VPN)
#
# pptp and gre for VPN
#
pass out quick on rl0 proto tcp from any to any port = 1723 flags S keep
state
pass out quick on rl0 proto gre from any to any


and this is what 1723 is

operator at spyder (~)ttyp0 > grep 1723 /etc/services
pptp            1723/tcp   #Point-to-point tunnelling protocol



HTH
Murray T
---------------------------------------------------------------
The information transmitted in this e-mail is for the exclusive
use of the intended addressee and may contain confidential
and/or privileged material. Any review, re-transmission,
dissemination or other use of it, or the taking of any action
in reliance upon this information by persons and/or entities
other than the intended recipient is prohibited. If you
received this in error, please inform the sender and/or
addressee immediately and delete the material. 

E-mails may not be secure, may contain computer viruses and
may be corrupted in transmission. Please carefully check this
e-mail (and any attachment) accordingly. No warranties are
given and no liability is accepted for any loss or damage
caused by such matters.
---------------------------------------------------------------

***This Email has been scanned for Viruses by MailMarshal.***


More information about the freebsd-questions mailing list