From owner-freebsd-questions@FreeBSD.ORG Fri Aug 27 14:29:08 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0C30216A4CE for ; Fri, 27 Aug 2004 14:29:08 +0000 (GMT) Received: from viper4.dataraq.net (viper4.dataraq.net [209.218.168.27]) by mx1.FreeBSD.org (Postfix) with ESMTP id 659F943D5A for ; Fri, 27 Aug 2004 14:29:07 +0000 (GMT) (envelope-from aj@siegel-tech.net) Received: (qmail 70995 invoked from network); 27 Aug 2004 14:29:50 -0000 Received: from pcp09609084pcs.brodwy01.nm.comcast.net (HELO ?192.168.245.12?) (69.241.168.76) by viper4.dataraq.net with SMTP; 27 Aug 2004 14:29:50 -0000 From: Aaron Siegel To: freebsd-questions@freebsd.org Date: Fri, 27 Aug 2004 08:28:58 -0600 User-Agent: KMail/1.6.2 References: <20040825214441.GB3936@fajita.org> In-Reply-To: <20040825214441.GB3936@fajita.org> MIME-Version: 1.0 Content-Disposition: inline Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <200408270828.58841.aj@siegel-tech.net> Subject: Re: Roaming tunnel (IPSEC or something). X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Aug 2004 14:29:08 -0000 Hello I am in the process of setup a similar configuration using poptop to create a pptp link between a static server and a roaming computer with an anonymous. There is also l2tpd from what I read it is more secure than pptp but it does not work through a NAT. I will hopefully get this up and running soon sofar I have only been able to create an unencrypted pptp link. Aaron On Wednesday 25 August 2004 03:44 pm, Lewis Thompson wrote: > Hi, > > I'm wondering if it's possible to have a ``roaming tunnel'' so I have > local-like access on my laptop wherever I am. > > I currently have an encrypted IPSEC tunnel set up between my laptop > and server (both with static IPs) as explained in the Handbook > (http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ipsec.html) > but I'd like to extend it so that I can connect to my server (a static > IP) from anywhere with my laptop (a dynamic IP). > > Is this even possible? I've been told about isakmpd but I fail to see > really how it differs from racoon. Any suggestions about this would be > greatly appreciated. Thanks! > > -lewiz.