Setting up a VPN

[Bill Moran]

In response to Schiz0 <schiz0phrenic21 at gmail.com>:

> Hey,
> 
> I'm looking for information on how to setup a Virtual Private Network
> on a FreeBSD 7.0-RELEASE system. The only VPNs that I've worked with
> previously is Hamachi on windows and linux, so I have no experience in
> OpenVPN or IPSec.
> 
> The purpose of this VPN is to restrict certain things to only
> administrators. For example, phpmyadmin and vsFTPd. I'd prefer not to
> have these things listen on the public interface.
> 
> I read the Handbook entry on IPSec/VPNs:
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ipsec.html
> 
> However, that entry only has examples for how to connect one network
> to another network via FreeBSD gateways. I don't want a setup like
> this; I just want the freebsd system, my windows XP system, and a few
> other windows XP systems to be on a VPN together.
> 
> Can anyone link me to how-tos or any references on how to do this?
> Also, any suggestions on which software to use (OpenVPN, IPSec, etc)
> would be appreciated.

Not sure I agree with the mpd recommendation.  In my experience, that
particular piece of Windows VPN technology is better relegated to
history, much in the same way as the Holocaust and other disasters.

If you're having trouble understanding IPsec, don't worry.  IPsec is
confusing.  The biggest problem with IPsec is that it's more complicated
than it needs to be.

Based on your description of your requirement, I suggest pursuing an
OpenVPN solution.  I've done this with FreeBSD/Windows.  There's a neat
tool to generate .msi files for Windows machines to allow users idiot-
proof installation, which I've had good success with, and the simple
VPN you describe is pretty easy to set up from this HOWTO:
http://openvpn.net/index.php/documentation/howto.html#pki

-- 
Bill Moran
http://www.potentialtech.com