Hi, I used the following documentation to figure this type of vpn out the first time. It was my starting point.
http://www.cs.umd.edu/~mvanopst/xp2obsd.pdf It talks about using Certificate Authentication but much of the doc can be skipped if you want to use shared key auth instead. The windows vpn client took me a bit to wrap my head around (more so than the obsd side of it) but I found this doc explained it pretty well. Thegreenbow also worked well for us as a client side winxp vpn app. What the doc didn't explain to me was how to config the firewall for the ipsec/isakmpd vpn. To figure out that part I did lots of: tcpdump -e -vvv -i pflog0 And I can't forget the multiple readings of "man ipsec" and all the further man pages in ipsec's "SEE ALSO" section. Hope that all helps you some... It's what got me up and working. Wasn't the easiest thing I've ever done on a 'puter but sure felt good when I saw that first valid connection =) Cheers, Chris On Tuesday 23 January 2007 12:06, stupidmail4me wrote: > I've checked and I've checked and I've checked. Please > help! > > I have an OpenBSD 4.0 firewall on a public network, > let's say 1.2.3.4. It serves as a firewall/NAT box for > an internal network, 192.168.1.0/24. > > There's a server located behind that box, say, > 192.168.1.100. I need to create a VPN to that server. > (No, simply using a ssh tunnel won't work for various > reasons!) > > Is it possible to create a VPN from an outside Windows > XP Pro machine to our private network using IPSEC? > I've read the man pages and they all say how to create > a VPN between two OpenBSD boxes. Fine, but that's not > what I need. There was a page on openbsd.cz that's not > there anymore. > > Please, please help! > > > > ___________________________________________________________________________ >_________ Never miss an email again! > Yahoo! Toolbar alerts you the instant new Mail arrives. > http://tools.search.yahoo.com/toolbar/features/mail/ -- ..:::.::.:....::::....:.:... Number 41 Media Corporation First Floor - 612 View Street Victoria BC V8W 1J5 T 250.414.0410 F 250.414.0411 number41media.com
