From owner-freebsd-questions@FreeBSD.ORG Tue Jan 9 00:55:48 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id E503A16A415 for ; Tue, 9 Jan 2007 00:55:48 +0000 (UTC) (envelope-from rob@coombs.anu.edu.au) Received: from quokka.dot.net.au (humvee.dot.net.au [202.147.68.10]) by mx1.freebsd.org (Postfix) with ESMTP id 7DDC413C442 for ; Tue, 9 Jan 2007 00:55:48 +0000 (UTC) (envelope-from rob@coombs.anu.edu.au) Received: from [203.129.46.133] (helo=freebsd.connect-a.com.au) by quokka.dot.net.au with esmtp (Exim 3.35 #1 (Debian)) id 1H45HG-0008MG-00; Tue, 09 Jan 2007 11:55:46 +1100 Received: from localhost (localhost [127.0.0.1]) by freebsd.connect-a.com.au (8.13.6/8.13.6) with ESMTP id l090tbvo004504; Tue, 9 Jan 2007 11:55:40 +1100 (EST) (envelope-from rob@coombs.anu.edu.au) Date: Tue, 9 Jan 2007 11:55:37 +1100 (EST) From: Rob Hurle X-X-Sender: rob@freebsd.connect-a.com.au To: Wojciech Puchar In-Reply-To: <20070108220016.K55690@chylonia.3miasto.net> Message-ID: <20070109114313.G1380@freebsd.connect-a.com.au> References: <20070108220016.K55690@chylonia.3miasto.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Spam-Status: No, score=-0.5 required=5.0 tests=ALL_TRUSTED,AWL, J_CHICKENPOX_37,MR_DIFF_MID autolearn=no version=3.1.4 X-Spam-Checker-Version: SpamAssassin 3.1.4 (2006-07-25) on freebsd.connect-a.com.au Cc: freebsd-questions@freebsd.org Subject: Re: a bit OT - VPN+Windows X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Jan 2007 00:55:49 -0000 On Mon, 8 Jan 2007, Wojciech Puchar wrote: > could You put me to some manual about configuring any king of VPN (with > encryption at least, preferable compression too) with windows machines as > clients and FreeBSD as servers. > > i used VPN's many times but always with unix on both sides and used vtun > which works great. unfortunately there is no vtun for windows. I have used poptop (AKA pptpd) - in the ports collection, but the really useful information is at: http://www.pingle.org/2006/04/11/getting-poptop-to-run-under-freebsd-5-6 However, two points: 1. pptpd is built for Linux. For FreeBSD user-land ppp is used, no matter what you specify, and so the config file is /etc/ppp/ppp.conf. Anything you say about this setting in /usr/local/etc/pptpd.conf is ignored, and the ppp.conf file used instead. Also, some settings are repeated in both ppp.conf and pptpd.conf - the ppp.conf settings take precedence. The ppp.conf needs to specify a label for pptpd to use, and it is: pptp: (normal ppp directives follow this) 2. You need to set your FreeBSD system to be a gateway (gateway_enable="YES" in /etc/rc.conf) and some routing and ARP stuff enabled in rc.conf: arpproxy_all="YES" forward_sourceroute="YES" accept_sourceroute="YES" I have it working at a fairly large site where people use XP at home and access the Windows stuff through a FreeBSD 6.1 gateway. Cheers, Rob Hurle ----------------------------------------------------- Rob Hurle Faculty of Asian Studies, ANU Home address and contacts: Tel: +61 2 6247 2397 PO Box 4013 Fax: +61 2 6247 2397 Ainslie Cell phone: 0417 293 603 Australia e-mail: rob@coombs.anu.edu.au -----------------------------------------------------