creating ipsec vpn between freebsd and linksys wrv54g
did you ever figure this out? I've tried openswan, racoon, and I'm about to try l2tp over ipsec... gah.. Shane ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IPsec, VPN and FreeBSD
Hi: We intend to build IPSec based VPN server on FreeBSD platform so that we can access internal network of a lab. The remote side will use VPN client and could be from anywhere of the Internet, or may be from the another site of the company. From the hnadbook, I saw the sample of site-to-site configurations and we do have one FreeBSD firewall (running ipfw) on both site and another one on another site (both have firewalls on them), can we do that? Also what about the client-server model? What kind of clients do we need in order to connect to the FreeBSD/IPsec/VPN? Any tips/information for the configuration of the clients/server model on internet? Any help will be greatly appreciated. Thanks __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPsec, VPN and FreeBSD
gahn wrote: Hi: We intend to build IPSec based VPN server on FreeBSD platform so that we can access internal network of a lab. The remote side will use VPN client and could be from anywhere of the Internet, or may be from the another site of the company. From the hnadbook, I saw the sample of site-to-site configurations and we do have one FreeBSD firewall (running ipfw) on both site and another one on another site (both have firewalls on them), can we do that? Also what about the client-server model? What kind of clients do we need in order to connect to the FreeBSD/IPsec/VPN? Any tips/information for the configuration of the clients/server model on internet? Any help will be greatly appreciated. there are almost too many options to mention.. however you should be able to implement pptp tunnels (as used on windows) using mpd (in ports) alternatively there is always ssh or ipsec. (or a combination of them) If as you suggest, both ends are freebsd, then I've used mpd over ssh with great effect. use the 'tcp transport' option of mpd and connect it through an ssh tunnel. is the 'client' roaming or at a fixed address? if a fixed address then ipsec becomes easier. Thanks __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPsec, VPN and FreeBSD
Thanks Julian: Well, the another site is using a linux box for firewall. We have extra PCs available so we could build another FreeBSD box. That probably makes the VPN setup a lot easier between two sites. As to the roaming users, very unlikely there will be dial-up line, but those users could be on road and using ISPs to connect the internal lab. both sites are labs. I will try the roaming clients---freebsd vpn server first. --- Julian Elischer [EMAIL PROTECTED] wrote: gahn wrote: Hi: We intend to build IPSec based VPN server on FreeBSD platform so that we can access internal network of a lab. The remote side will use VPN client and could be from anywhere of the Internet, or may be from the another site of the company. From the hnadbook, I saw the sample of site-to-site configurations and we do have one FreeBSD firewall (running ipfw) on both site and another one on another site (both have firewalls on them), can we do that? Also what about the client-server model? What kind of clients do we need in order to connect to the FreeBSD/IPsec/VPN? Any tips/information for the configuration of the clients/server model on internet? Any help will be greatly appreciated. there are almost too many options to mention.. however you should be able to implement pptp tunnels (as used on windows) using mpd (in ports) alternatively there is always ssh or ipsec. (or a combination of them) If as you suggest, both ends are freebsd, then I've used mpd over ssh with great effect. use the 'tcp transport' option of mpd and connect it through an ssh tunnel. is the 'client' roaming or at a fixed address? if a fixed address then ipsec becomes easier. Thanks __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPsec, VPN and FreeBSD
gahn wrote: Thanks Julian: Well, the another site is using a linux box for firewall. We have extra PCs available so we could build another FreeBSD box. That probably makes the VPN setup a lot easier between two sites. As to the roaming users, very unlikely there will be dial-up line, but those users could be on road and using ISPs to connect the internal lab. both sites are labs. I will try the roaming clients---freebsd vpn server first. ok google for mpd and pptp --- Julian Elischer [EMAIL PROTECTED] wrote: gahn wrote: Hi: We intend to build IPSec based VPN server on FreeBSD platform so that we can access internal network of a lab. The remote side will use VPN client and could be from anywhere of the Internet, or may be from the another site of the company. From the hnadbook, I saw the sample of site-to-site configurations and we do have one FreeBSD firewall (running ipfw) on both site and another one on another site (both have firewalls on them), can we do that? Also what about the client-server model? What kind of clients do we need in order to connect to the FreeBSD/IPsec/VPN? Any tips/information for the configuration of the clients/server model on internet? Any help will be greatly appreciated. there are almost too many options to mention.. however you should be able to implement pptp tunnels (as used on windows) using mpd (in ports) alternatively there is always ssh or ipsec. (or a combination of them) If as you suggest, both ends are freebsd, then I've used mpd over ssh with great effect. use the 'tcp transport' option of mpd and connect it through an ssh tunnel. is the 'client' roaming or at a fixed address? if a fixed address then ipsec becomes easier. Thanks __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPsec, VPN and FreeBSD
On 1/24/2006 3:59 PM gahn wrote: Hi: We intend to build IPSec based VPN server on FreeBSD platform so that we can access internal network of a lab. The remote side will use VPN client and could be from anywhere of the Internet, or may be from the another site of the company. From the hnadbook, I saw the sample of site-to-site configurations and we do have one FreeBSD firewall (running ipfw) on both site and another one on another site (both have firewalls on them), can we do that? Also what about the client-server model? What kind of clients do we need in order to connect to the FreeBSD/IPsec/VPN? Any tips/information for the configuration of the clients/server model on internet? Any help will be greatly appreciated. I've been very pleased with OpenVPN for my needs. Biggest downside is that each potential connection requires a separate OpenVPN instance as I understand it. However if your client base is small, you might give it a look. Cheers, Drew -- Visit The Alchemist's Warehouse Magic Tricks, DVDs, Videos, Books, More! http://www.alchemistswarehouse.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPsec, VPN and FreeBSD
Drew Tomlinson wrote: I've been very pleased with OpenVPN for my needs. Biggest downside is that each potential connection requires a separate OpenVPN instance as I understand it. However if your client base is small, you might give it a look. That used to be the case, but since OpenVPN 2 came out, it is no longer necessary. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
Creating IPSec VPN between FreeBSD and Linksys WRV54G
I have setup many IPSec FreeBSD VPN's using racoon and gif interfaces. On the FreeBSD side I've got: gif0: flags=8051UP,POINTOPOINT,RUNNING,MULTICAST mtu 1280 tunnel inet [LOCAL_WAN_IP] -- [REMOTE_WAN_IP] inet 172.31.1.1 -- 192.168.1.1 netmask 0x I have the usual setkey policies in /etc/ipsec.conf (loaded with setkey -f). The router and the BSD box are establishing IKE no problem according to racoon logs, however I can't actually get any traffic across. Clearly there is something about the Linksys implementation that I'm not familiar with. Anybody have any luck with this particular setup? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IPsec VPN between FreeBSD and WinXP
Hello. I could set up succesfully a IPSec transport mode VPN between WinXP and FreeBSD 4.7 The problem is that it works only if I Start the first connection from WinXP to FreeBSD box, and the vice versa does not work. If The very first IPSec connection starts from FreeBSD I have this kind of errors: Dec 3 12:32:41 hal9000 /kernel: IPv4 ESP input: no key association found for spi 69118078 Instead once I ping from WinXP then I Can also ping from FreeBSD to WinXP succesfully. It looks like IPsec transport cannot be initialized if FreeBSD starts a connection with its peer IPsec WinXP host. any hints about this?? I used this document as reference for setting up IPsec VPN: http://www.wiretapped.net/~fyre/ipsec/ thanks Rick To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: IPsec VPN between FreeBSD and WinXP
On Tuesday, Dec 3, 2002, at 03:31 US/Pacific, RJ45 wrote: I could set up succesfully a IPSec transport mode VPN between WinXP and FreeBSD 4.7 The problem is that it works only if I Start the first connection from WinXP to FreeBSD box, and the vice versa does not work. If The very first IPSec connection starts from FreeBSD I have this kind of errors: Dec 3 12:32:41 hal9000 /kernel: IPv4 ESP input: no key association found for spi 69118078 Instead once I ping from WinXP then I Can also ping from FreeBSD to WinXP succesfully. Me too. I don't remember the details since I tried this a couple of months ago, but I had the same issue. KeS (cripes, what a useless post this is!) To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message