From owner-freebsd-questions@FreeBSD.ORG Thu Apr 28 10:00:36 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0F98D16A4CE for ; Thu, 28 Apr 2005 10:00:36 +0000 (GMT) Received: from daffy.activeinvitesoftware.com (wbar2.sjo1-4-10-244-201.sjo1.dsl-verizon.net [4.10.244.201]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5D14A43D4C for ; Thu, 28 Apr 2005 10:00:35 +0000 (GMT) (envelope-from rene.mendoza@activeinvitesoftware.com) Received: from [192.168.2.120] (unknown [210.213.172.65]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (verified OK))E24651106806 for ; Thu, 28 Apr 2005 03:45:30 -0700 (PDT) Message-ID: <4270B42E.3020106@activeinvitesoftware.com> Date: Thu, 28 Apr 2005 18:00:14 +0800 From: "Rene C. Mendoza" User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-questions@freebsd.org Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------ms090108010701040608050506" Subject: VPN Setup X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Apr 2005 10:00:36 -0000 This is a cryptographically signed message in MIME format. --------------ms090108010701040608050506 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Hi, I plan to setup a VPN gateway using OpenVPN. However, the setup is a little bit weird. Here it is: Priv. Network A<->FreeBSD Server< ->Linksys Router(NAT) <-- INTERNET -->Cisco VPN Concentrator--> Priv. Network B (OpenVPN Gateway) I'm a newbie in this kind of thing so I would it appreciate it very much if anyone can tell me what is wrong with this setup. You may be wondering why the Linksys router is still there when the Freebsd server can serve as the router as well. The answer is very much convoluted and I'd rather not go into it now. :-( By the way, the Linksys router can do port forwarding. My big question is: Is the above setup feasible and if so, could you send me some references (on the Internet) where I can find more info/solution on this problem? thanks, Rene --------------ms090108010701040608050506 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIJOTCC AvcwggJgoAMCAQICAw3oEzANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UE ChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNv bmFsIEZyZWVtYWlsIElzc3VpbmcgQ0EwHhcNMDUwMTI4MDMyMjEzWhcNMDYwMTI4MDMyMjEz WjBXMR8wHQYDVQQDExZUaGF3dGUgRnJlZW1haWwgTWVtYmVyMTQwMgYJKoZIhvcNAQkBFiVy ZW5lLm1lbmRvemFAYWN0aXZlaW52aXRlc29mdHdhcmUuY29tMIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEAsu1JsW1AnHs0QYtbjBRKYVscrP6blJg964Hd/kPh6tVKtTDWa2W2 YcQEgxlpyU2OzDGmpZ8N5X/DKx1+h5MyuIhYLp4zjS3ZJIOdGYzBbGJsjZlXfzAYUslzjHVu qoqikhtMTXn232m8Sly8hFOin1mYq0ce4JGQpo8imXEK2ZtR1NiRM3L5j+qewnG1Mh5j70oW rcolBdZYM/0ypuZPH9p8TiqmkUDOToKaGJ7lu97h0YQ68E3TT7OblMVM6qdkLGgMhFS26Yuu s6+LPdNC92oEPDE8alMcleL0Tx/GInJOIzrSMot8aQlLPvbiqzWnCQZvMB2rCk0yLQ9XNnJc iQIDAQABo0IwQDAwBgNVHREEKTAngSVyZW5lLm1lbmRvemFAYWN0aXZlaW52aXRlc29mdHdh cmUuY29tMAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQEEBQADgYEAt5dftSD4E1Dvh4wWTz56 s2E/Ak7BZ2FdZzikXV5KRRkXqb482fIUpqZEohBLjG3aMrr8tStq4JuWz943EEJh2bMOlGfZ yygpZ+G3fft4xKe9romGe72VQstnz/GeCeb66WIeOvvbaKa3cnrIoWtg9lCc91MIwDIH6tuO P1DO9TAwggL3MIICYKADAgECAgMN6BMwDQYJKoZIhvcNAQEEBQAwYjELMAkGA1UEBhMCWkEx JTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0 ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBMB4XDTA1MDEyODAzMjIxM1oXDTA2MDEy ODAzMjIxM1owVzEfMB0GA1UEAxMWVGhhd3RlIEZyZWVtYWlsIE1lbWJlcjE0MDIGCSqGSIb3 DQEJARYlcmVuZS5tZW5kb3phQGFjdGl2ZWludml0ZXNvZnR3YXJlLmNvbTCCASIwDQYJKoZI hvcNAQEBBQADggEPADCCAQoCggEBALLtSbFtQJx7NEGLW4wUSmFbHKz+m5SYPeuB3f5D4erV SrUw1mtltmHEBIMZaclNjswxpqWfDeV/wysdfoeTMriIWC6eM40t2SSDnRmMwWxibI2ZV38w GFLJc4x1bqqKopIbTE159t9pvEpcvIRTop9ZmKtHHuCRkKaPIplxCtmbUdTYkTNy+Y/qnsJx tTIeY+9KFq3KJQXWWDP9MqbmTx/afE4qppFAzk6Cmhie5bve4dGEOvBN00+zm5TFTOqnZCxo DIRUtumLrrOviz3TQvdqBDwxPGpTHJXi9E8fxiJyTiM60jKLfGkJSz724qs1pwkGbzAdqwpN Mi0PVzZyXIkCAwEAAaNCMEAwMAYDVR0RBCkwJ4ElcmVuZS5tZW5kb3phQGFjdGl2ZWludml0 ZXNvZnR3YXJlLmNvbTAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBBAUAA4GBALeXX7Ug+BNQ 74eMFk8+erNhPwJOwWdhXWc4pF1eSkUZF6m+PNnyFKamRKIQS4xt2jK6/LUrauCbls/eNxBC YdmzDpRn2csoKWfht337eMSnva6Jhnu9lULLZ8/xngnm+uliHjr722imt3J6yKFrYPZQnPdT CMAyB+rbjj9QzvUwMIIDPzCCAqigAwIBAgIBDTANBgkqhkiG9w0BAQUFADCB0TELMAkGA1UE BhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYD VQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNl cyBEaXZpc2lvbjEkMCIGA1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJ KoZIhvcNAQkBFhxwZXJzb25hbC1mcmVlbWFpbEB0aGF3dGUuY29tMB4XDTAzMDcxNzAwMDAw MFoXDTEzMDcxNjIzNTk1OVowYjELMAkGA1UEBhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25z dWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJ c3N1aW5nIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEpjxVc1X7TrnKmVoeaMB1 BHCd3+n/ox7svc31W/Iadr1/DDph8r9RzgHU5VAKMNcCY1osiRVwjt3J8CuFWqo/cVbLrzwL B+fxH5E2JCoTzyvV84J3PQO+K/67GD4Hv0CAAmTXp6a7n2XRxSpUhQ9IBH+nttE8YQRAHmQZ cmC3+wIDAQABo4GUMIGRMBIGA1UdEwEB/wQIMAYBAf8CAQAwQwYDVR0fBDwwOjA4oDagNIYy aHR0cDovL2NybC50aGF3dGUuY29tL1RoYXd0ZVBlcnNvbmFsRnJlZW1haWxDQS5jcmwwCwYD VR0PBAQDAgEGMCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFQcml2YXRlTGFiZWwyLTEzODAN BgkqhkiG9w0BAQUFAAOBgQBIjNFQg+oLLswNo2asZw9/r6y+whehQ5aUnX9MIbj4Nh+qLZ82 L8D0HFAgk3A8/a3hYWLD2ToZfoSxmRsAxRoLgnSeJVCUYsfbJ3FXJY3dqZw5jowgT2Vfldr3 94fWxghOrvbqNOUQGls1TXfjViF4gtwhGTXeJLHTHUb/XV9lTzGCAzswggM3AgEBMGkwYjEL MAkGA1UEBhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAq BgNVBAMTI1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBAgMN6BMwCQYFKw4D AhoFAKCCAacwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDUw NDI4MTAwMDE1WjAjBgkqhkiG9w0BCQQxFgQUgC+uJ78RZ2udCJSKMhzpLvTV4O4wUgYJKoZI hvcNAQkPMUUwQzAKBggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAw BwYFKw4DAgcwDQYIKoZIhvcNAwICASgweAYJKwYBBAGCNxAEMWswaTBiMQswCQYDVQQGEwJa QTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhh d3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3VpbmcgQ0ECAw3oEzB6BgsqhkiG9w0BCRACCzFr oGkwYjELMAkGA1UEBhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0 ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBAgMN6BMw DQYJKoZIhvcNAQEBBQAEggEAc+iL6cfgljcYKCbPJrL6XUwqKPgErpFUHKdGdp1fPMKy2ePV i8NdwfFBD6O4uvPv51nLFRCNqo1UrMNaoTvSzzAYOElY9avK69gvlXKMw4BQk7lQQp648opO GUG1EKLlDhXpHAfs6DdwHEKFLlwApF+k0wtLNQb3OA6nMgJjKls7xbst8hrIdUtai7Li8o6c dq8EIEDlhZiDa6qSQYKQKItgu5YXzHzRUWsG9KaqCZm+SpGoqPb36+xhRdhL30JW3HBMcsad KG8vg9lUvGNLSy/zi9aXgy+eWF7Kf717pdpgg8Kd2/jFH5klqWVw9H2XfFWiDaYfi90izeRR afEVVwAAAAAAAA== --------------ms090108010701040608050506--