From owner-freebsd-security Wed Nov 21 7:45:20 2001 Delivered-To: freebsd-security@freebsd.org Received: from kumquat.mail.uk.easynet.net (kumquat.mail.uk.easynet.net [195.40.1.42]) by hub.freebsd.org (Postfix) with ESMTP id 7DB6F37B416 for ; Wed, 21 Nov 2001 07:45:15 -0800 (PST) Received: from magrat.office.easynet.net ([195.40.3.130]) by kumquat.mail.uk.easynet.net with esmtp (Exim 3.33 #1) id 166ZYi-0003vx-00; Wed, 21 Nov 2001 15:45:08 +0000 Received: by MAGRAT with Internet Mail Service (5.5.2653.19) id ; Wed, 21 Nov 2001 15:45:07 -0000 Message-ID: <7052044C7D7AD511A20200508B5A9C585169B1@MAGRAT> From: Lee Brotherston To: 'Ron Rosson' , security@freebsd.org Subject: RE: IPSec Tunnel Date: Wed, 21 Nov 2001 15:45:06 -0000 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org There are a few ways. The easiest way I've found is to use mpd-netgraph. I must confess I'm not 100% sure if it is _actual_ IPSec, but it is IPSec like. It's a VPN-tunnel-on-demand daemon, it's part of the FreeBSD ports for an easy start point. I'm not sure how portable it is, so I can't say whether it would like OpenBSD, but being one of FreeBSD's closer relations is more likely work there than anywhere else ;) I've used it between a couple of FreeBSD boxes in a test environment using the PPTP with encryption option, and got it working properly with applications running over it and everything in less than an hour, so it's not too hard :) The other method I've seen is using the gif(n) interface.... 'man setkey' explains it better than I could ;) Thanks Lee -- Lee Brotherston - IP Security Manager, Easynet Ltd http://www.easynet.net/ Phone: +44 20 7900 4444 | -----Original Message----- | From: Ron 'The InSaNe One' Rosson | [mailto:insane@lunatic.oneinsane.net] | Sent: 21 November 2001 14:35 | To: security@freebsd.org | Subject: IPSec Tunnel | | | Heya, | Anyone know of any links on how to build an ipsec tunnel between an | openbsd machine and a freebsd machine. | | Been working on it for 2 days now and everything I found is | incomplete | and does not work. | | TIA | | -- | -------------------------------------------------------------- | ---------------- | Ron Rosson ... and a UNIX | user said ... | The InSaNe One rm -rf * | insane@oneinsane.net and all was | /dev/null and *void() | -------------------------------------------------------------- | ---------------- | ...and that is how we know the Earth to be banana-shaped. | | To Unsubscribe: send mail to majordomo@FreeBSD.org | with "unsubscribe freebsd-security" in the body of the message | To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message