From owner-freebsd-net@FreeBSD.ORG Thu Feb 7 19:38:17 2013 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 882D4EA3 for ; Thu, 7 Feb 2013 19:38:17 +0000 (UTC) (envelope-from tjg@ucsc.edu) Received: from mail-ie0-x232.google.com (ie-in-x0232.1e100.net [IPv6:2607:f8b0:4001:c03::232]) by mx1.freebsd.org (Postfix) with ESMTP id 5E3458EB for ; Thu, 7 Feb 2013 19:38:17 +0000 (UTC) Received: by mail-ie0-f178.google.com with SMTP id c13so3980562ieb.37 for ; Thu, 07 Feb 2013 11:38:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ucsc.edu; s=ucsc-google; h=mime-version:x-received:date:message-id:subject:from:to :content-type; bh=Iyhh5RzQEm7j/9VMWtZkZd94ML4MsMnsejGDriz6OaQ=; b=M5CY62E+esD532+uNYKBwYAfX9nLMBlQGmUVjPFOK/4aLxlv04uKY8cD1WJ1SudGyC drc5dJAZ+L2W7KDrS+pblGig6Pkxpxb5Gn28kwwQ07ZKrRXRFVmXaNqcBaZvAwUUSSPO Poqdg7PPZQtxmv6nqFsrEvHMGfGT4SJ3mEuxM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-received:date:message-id:subject:from:to :content-type:x-gm-message-state; bh=Iyhh5RzQEm7j/9VMWtZkZd94ML4MsMnsejGDriz6OaQ=; b=LYnYxvF1pm7egmXTAm17Wjy6v8vpd33BWoGJNcFYEw9jSUTHiDT7Dk7LRwLXxSfd4Y fOJxbOzGpx77MMxaOK/nASFKVSZGxvlh576HbmKRWaxVJT4zRAkZm5vkOZW8wJgPnqtz FuGDLq67TdRSxX4WDelaypSzk1Lh4Ynz9vGhU3Z3p/KRotxsrqNHvRzghVtlv7H6xTq/ +X7H39oCNAvYrvdEBcfKc6g2DaRvLd1ucGssA72uzYHLKbtnzUb7+r0UyJGXs7JmWl7K b+N2EXII+KrYsXXHWbhVYxA9oQn1dU7EjFh1WKFMWG8QgYQSYb1+64kU66QqVATGVhmL P6Qw== MIME-Version: 1.0 X-Received: by 10.42.58.202 with SMTP id j10mr4487083ich.39.1360265896226; Thu, 07 Feb 2013 11:38:16 -0800 (PST) Received: by 10.42.241.73 with HTTP; Thu, 7 Feb 2013 11:38:15 -0800 (PST) Date: Thu, 7 Feb 2013 11:38:15 -0800 Message-ID: Subject: L2TP with Certificates From: Tim Gustafson To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 X-Gm-Message-State: ALoCoQnKXNffSAT9I94ynPodf+V0ALUvRPWf4xRRtPtBfrgjPtTqxEPUmj7q7F1vrOXGH4QC7jdE X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Feb 2013 19:38:17 -0000 Hi, I've found a handful of good tutorials explaining how to set up MPD and Racoon using pre-shared keys and user/pass authentication, but I can't seem to find anything that uses certificates. Is this not an option? Does anyone know if there's a good demo of this out there? Also, if I do use user/pass auth, I see that I can specify an external password-verification program in MPD. Has anyone had any luck with tying that to an LDAP server for auth? -- Tim Gustafson tjg@ucsc.edu 831-459-5354 Baskin Engineering, Room 313A