From owner-freebsd-security@FreeBSD.ORG Tue Jan 24 23:59:48 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0810B16A422 for ; Tue, 24 Jan 2006 23:59:48 +0000 (GMT) (envelope-from ipfreak@yahoo.com) Received: from web52114.mail.yahoo.com (web52114.mail.yahoo.com [206.190.48.117]) by mx1.FreeBSD.org (Postfix) with SMTP id 23D3C43D48 for ; Tue, 24 Jan 2006 23:59:46 +0000 (GMT) (envelope-from ipfreak@yahoo.com) Received: (qmail 92440 invoked by uid 60001); 24 Jan 2006 23:59:45 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=QU2i0LPE43/u88IOdsVX9DEjE/DWh04HOtYIvnxsbERDMBEAnWQm8IVdil6kK06jnfwPrEvl4+QYQ18mqNDnoPW+8892AloY8du4/lUeZbc6mz41ZIlC6EqHHv7BsIRgybeN6l4jNNn12r7nZ7QmKQl4xAhiy3aM8hVnbvbpFsc= ; Message-ID: <20060124235945.92438.qmail@web52114.mail.yahoo.com> Received: from [200.38.156.194] by web52114.mail.yahoo.com via HTTP; Tue, 24 Jan 2006 15:59:45 PST Date: Tue, 24 Jan 2006 15:59:45 -0800 (PST) From: gahn To: freebsd-security@freebsd.org, freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Cc: Subject: IPsec, VPN and FreeBSD X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Jan 2006 23:59:48 -0000 Hi: We intend to build IPSec based VPN server on FreeBSD platform so that we can access internal network of a lab. The remote side will use VPN client and could be from anywhere of the Internet, or may be from the another site of the company. From the hnadbook, I saw the sample of site-to-site configurations and we do have one FreeBSD firewall (running ipfw) on both site and another one on another site (both have firewalls on them), can we do that? Also what about the client-server model? What kind of clients do we need in order to connect to the FreeBSD/IPsec/VPN? Any tips/information for the configuration of the clients/server model on internet? Any help will be greatly appreciated. Thanks __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com