Date: Mon, 24 Mar 2008 04:41:56 +0100 From: Alex de Kruijff <freebsd@akruijff.dds.nl> To: Jon Theil Nielsen <jontheil@gmail.com> Cc: freebsd-questions@freebsd.org Subject: VPN setup with OpenVPN (was: mpd pptp server?) Message-ID: <20080324034155.GA1077@Alex1.kruijff.org> In-Reply-To: <8f82c35c0803231445i4145172fm4794d1bbd08cc846@mail.gmail.com> References: <8f82c35c0803181643w712b2c91scbaa999466a0eb84@mail.gmail.com> <20080323201917.GB1890@Alex1.kruijff.org> <8f82c35c0803231445i4145172fm4794d1bbd08cc846@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Mar 23, 2008 at 10:45:57PM +0100, Jon Theil Nielsen wrote: > 2008/3/23, Alex de Kruijff <freebsd@akruijff.dds.nl>: > > On Wed, Mar 19, 2008 at 12:43:58AM +0100, Jon Theil Nielsen wrote: > > > I have tried some different ways to make a working VPN server on FreeBSD > > 7.0. > > > The main goal is to make it possible for Windows clients to access their > > > Samba home shares. I'm not sure if mpd is the best solution, but I will > > give > > > it a try. > > > I have installed /usr/ports/mpd4 and have the following configuration: > > > > I run openvpn on FreeBSD and Windows XP. > > > I have now succeeded in establishing connections from Windows to a VPN > server based on mpd4. But it has some severe limitations: I have to define > every single connection in the conf file (not a major problem). And I don't > see any option to authenticate against neither UNIX or Samba passwords. Is > that different through openvpn? Could you give some brief hints on the > configuration or maybe a reference to a useful howto? Giving you the program name ought to be enove of a hint. http://www.google.com/search?q=openvpn The openvpn site has a very nice howto. I can tell you the setup I have. I don't authenticate against UNIX or Samba passwords. I don't see what good it will do to require such autentication. It might even post a security risk. It might be posible. I do use certificates (standard) so I can cut off machines. Users need to authenticate when the connect to the services of a machine. I have a firewall on each computer. I have a VPN tunnel beteen sites and a road warrior setup for laptops. And I have a setup that allows me to take a server down without disrupting traffic flow beteen sites. -- Alex Please copy the original recipients, otherwise I may not read your reply. Howtos based on my personal use, including information about setting up a firewall and creating traffic graphs with MRTG http://alex.kruijff.org/FreeBSD/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080324034155.GA1077>