From owner-freebsd-security@FreeBSD.ORG Wed Jan 25 05:00:03 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2959716A41F for ; Wed, 25 Jan 2006 05:00:03 +0000 (GMT) (envelope-from vaida.bogdan@gmail.com) Received: from zproxy.gmail.com (zproxy.gmail.com [64.233.162.199]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4A7F243D46 for ; Wed, 25 Jan 2006 05:00:02 +0000 (GMT) (envelope-from vaida.bogdan@gmail.com) Received: by zproxy.gmail.com with SMTP id 8so24229nzo for ; Tue, 24 Jan 2006 21:00:01 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=DP1Bcsj3f+3oIYm9SQxJ5UbSiNrcxaYq+XPAUUmVTmSIXGA3TQIczCJEJ7tybBbH1S9gOTGZphHm8X5UQUTQE8EYZZEkohytctiPO0ng0mUr1k6YpGWDf38Ok39ogAH3HjB1CLbESGxhwbpnMb7GbnwjiLg4QYJX4KwQ2Sy0/Hg= Received: by 10.36.220.2 with SMTP id s2mr280182nzg; Tue, 24 Jan 2006 21:00:01 -0800 (PST) Received: by 10.36.251.28 with HTTP; Tue, 24 Jan 2006 21:00:01 -0800 (PST) Message-ID: <12848a3b0601242100x285d4497p48476d422901ffa7@mail.gmail.com> Date: Wed, 25 Jan 2006 05:00:01 +0000 From: Vaida Bogdan To: freebsd-security@freebsd.org In-Reply-To: <12848a3b0601230055h12b7169uce7f1fbb2f0da8e6@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <12848a3b0601221142r2161c20ka6d128ecf5c299aa@mail.gmail.com> <43D3E694.9040902@aeternal.net> <12848a3b0601230055h12b7169uce7f1fbb2f0da8e6@mail.gmail.com> Subject: Re: setting up vpn client on a freebsd workstation X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Jan 2006 05:00:03 -0000 So do I need to use racoon for this or there is an alternative? On 1/23/06, Vaida Bogdan wrote: > I don't need openvpn, I need IPSEC (KAME). So none of the proposed > solutions work. > > I am the "FreeBSD Client" in the configuration so I can't change the > server vpn implementation. > > > On 1/22/06, Martin Hudec wrote: > > Hello, > > > > Vaida Bogdan wrote: > > > I have the following network: > > > > > > External Interface External Interface > > > ccc.ccc.ccc.ccc aaa.aaa.aaa.aaa > > > | | > > > --> VPN <--> Internet <--> FreeBSD Client (NATed extip: bbb.bbb.bbb.b= bb) > > > | > > > FW-1 Protected Net > > > ddd.ddd.ddd.ddd/24 > > > > > > VPN: ipsec freeswan (UDP encapsulated tunnel) > > > ccc.ccc.ccc.ccc has port 136/UDP open for this > > > I also have the following certs: cert.pem, key.pem crl.pem and CA.pem > > > I am behind internal ips allocated by dhcp. > > > > > > I need to connect to an ip in the Protected Net area. > > > > Are you connecting to Windows VPN server or VPN router or what? Maybe > > net/pptp-client will be enough for you.. > > > > Martin > > _______________________________________________ > > freebsd-security@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.= org" > > >