Date: Mon, 21 May 2001 12:18:20 -0700 (PDT) From: Tom <tom@uniserve.com> To: Alex Markov <alex@asdg.ru> Cc: freebsd-stable@freebsd.org Subject: Re: L2TP and FreeBSD - is it possible? Message-ID: <Pine.BSF.4.10.10105211212510.54153-100000@athena.uniserve.ca> In-Reply-To: <000901c0e1f7$716cc7a0$1945a4d4@asdg.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 21 May 2001, Alex Markov wrote: > Hello, FreeBSD community! > > Firstly, excuse my English! ;-) > > DESCRIPTION: I have Win2000 server in private network (IP = 192.168.1.1) > and FreeBSD box with two netcards (one of them plugged to 192.168.1/24 > network, another - in ISP's LAN). On FreeBSD i have "closed"-style > firewall and some services (primary DNS, proxy & mail). I have not and > even don't plan to install NAT on this box. > > Now, i want to grant access for our remote users to Win2000 server in > internal network through L2TP+IPSec. Latter part doesn't bother me, but > former... So, i need a good advice from guru: > > a) Is L2TP supported by FreeBSD? > > b) Which way is more "right" - to install L2TP server on Win2000 and > divert all VPN traffic to it, or configure FreeBSD box as L2TP server? > > c) Is there any resources about "L2TP & FreeBSD" (i know, it should be > first question)? L2TP + IPSec is a difficult combination. FreeBSD supports IPSec natively, but has no native support for L2TP. Microsoft decided that they would encapsulate IPSec traffic in a L2TP tunnel, while FreeBSD can do IPSec tunnels. There is a L2TP addon from marko.net, but it is unlikely to work with FreeBSD's IPSec. You could always use PPTP instead of L2TP+IPSec. The encryption isn't as strong as IPSec though. The mpd port PPTP. Microsoft has a PPTP addon for Windows available. You could install mpd on your firewall, and allow connections to your internal LAN. Tom To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.10105211212510.54153-100000>