IPsec, VPN and FreeBSD

gahn ipfreak at yahoo.com
Tue Jan 24 18:19:17 PST 2006 

Thanks Julian:

Well, the another site is using a linux box for
firewall. We have extra PCs available so we could
build another FreeBSD box. That probably makes the VPN
setup a lot easier between two sites.

As to the roaming users, very unlikely there will be
dial-up line, but those users could be on road and
using ISPs to connect the internal lab. both sites are
labs.

I will try the roaming clients<--->freebsd vpn server
first.



--- Julian Elischer <julian at elischer.org> wrote:

> gahn wrote:
> 
> >Hi:
> >
> >We intend to build IPSec based VPN server on
> FreeBSD
> >platform so that we can access internal network of
> a
> >lab. The remote side will use VPN client and could
> be
> >from anywhere of the Internet, or may be from the
> >another site of the company. From the hnadbook, I
> saw
> >the sample of site-to-site configurations and we do
> >have one FreeBSD firewall (running ipfw) on both
> site
> >and another one on another site (both have
> firewalls
> >on them), can we do that?  Also what about the
> >client-server model? What kind of clients do we
> need
> >in order to connect to the FreeBSD/IPsec/VPN? Any
> >tips/information for the configuration of the
> >clients/server model on internet?
> >
> >Any help will be greatly appreciated.
> >  
> >
> there are almost too many options to mention..
> 
> however you should be able to implement pptp
> tunnels (as used on windows) using mpd (in ports)
> alternatively there is always ssh or ipsec.
> (or a combination of them)
> 
> If as you suggest, both ends are freebsd, then I've
> used mpd over ssh 
> with great effect.
> use the 'tcp transport' option of mpd and connect it
> through an ssh tunnel.
> 
> is the 'client' roaming or at a fixed address? if a
> fixed address then 
> ipsec becomes easier.
> 
> 
> 
> >Thanks
> >
> >
> >
> >__________________________________________________
> >Do You Yahoo!?
> >Tired of spam?  Yahoo! Mail has the best spam
> protection around 
> >http://mail.yahoo.com 
> >_______________________________________________
> >freebsd-security at freebsd.org mailing list
>
>http://lists.freebsd.org/mailman/listinfo/freebsd-security
> >To unsubscribe, send any mail to
> "freebsd-security-unsubscribe at freebsd.org"
> >  
> >
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
>
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

More information about the freebsd-questions mailing list