From owner-freebsd-questions@FreeBSD.ORG Mon Nov 28 23:05:10 2005 Return-Path: X-Original-To: questions@freebsd.org Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 959C616A420 for ; Mon, 28 Nov 2005 23:05:10 +0000 (GMT) (envelope-from MTaylor@bytecraft.com.au) Received: from wolf.bytecraft.au.com (wolf.bytecraft.au.com [203.39.118.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id 03E0B43D4C for ; Mon, 28 Nov 2005 23:05:07 +0000 (GMT) (envelope-from MTaylor@bytecraft.com.au) Received: from localhost (localhost [127.0.0.1]) by wolf.bytecraft.au.com (8.12.11/8.12.11) with ESMTP id jASN50Rf081499; Tue, 29 Nov 2005 10:05:00 +1100 (EST) (envelope-from MTaylor@bytecraft.com.au) Received: from wolf.bytecraft.au.com ([127.0.0.1]) by localhost (wolf.bytecraft.au.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 81061-02; Tue, 29 Nov 2005 10:05:00 +1100 (EST) Received: from svmarshal.bytecraft.au.com ([10.0.0.4]) by wolf.bytecraft.au.com (8.12.11/8.12.11) with ESMTP id jASN3txh081413; Tue, 29 Nov 2005 10:03:57 +1100 (EST) (envelope-from MTaylor@bytecraft.com.au) Received: from svmailmel.bytecraft.internal (Not Verified[10.0.0.24]) by svmarshal.bytecraft.au.com with MailMarshal (v5, 0, 3, 78) id ; Tue, 29 Nov 2005 10:03:55 +1100 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Date: Tue, 29 Nov 2005 10:03:55 +1100 Message-ID: <04E232FDCD9FBE43857F7066CAD3C0F1054172@svmailmel.bytecraft.internal> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Windows/FreeBSD VPNs Thread-Index: AcX0IESfBA+nRCAJSBCDyGZxLStbXwATy7bA From: "Murray Taylor" To: "Nathan Vidican" , "Dave" Cc: questions@freebsd.org Subject: RE: Windows/FreeBSD VPNs X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Nov 2005 23:05:10 -0000 =20 > -----Original Message----- > From: owner-freebsd-questions@freebsd.org=20 > [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of=20 > Nathan Vidican > Sent: Tuesday, November 29, 2005 12:31 AM > To: Dave > Cc: questions@freebsd.org > Subject: Re: Windows/FreeBSD VPNs >=20 > Dave wrote: > > Hello, > > Do you use mpd through a firewall? If so, how do you deal=20 > with the gre=20 > > protocol? I've not been able to get that going through a=20 > firewall. Can i=20 > > see your server/client configs? I'm wanting to compare your working=20 > > windows one to my nonworking setup. > > Thanks. > > Dave. > >=20 > > ----- Original Message ----- From: "Nathan Vidican"=20 > > > To: "Hexren" > > Cc: ; > > Sent: Friday, November 25, 2005 9:36 AM > > Subject: Re: Windows/FreeBSD VPNs > >=20 > >=20 > >> Hexren wrote: > >> > >>>> I need to set up a VPN so a remote windows client can access some > >>>> Samba shares. All of the documentation I've found are=20 > for FreeBSD to > >>>> FreeBSD tunnels, not for a client connecting directly. =20 > Pointers to > >>>> documentation? > >>> > >>> > >>> > >>> > >>>> David > >>>> _______________________________________________ > >>>> freebsd-questions@freebsd.org mailing list > >>>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions > >>>> To unsubscribe, send any mail to=20 > >>>> "freebsd-questions-unsubscribe@freebsd.org" > >>> > >>> > >>> > >>> --------------------------------------------- > >>> > >>> In your situation I tried openvpn and found it very=20 > comfortable to set > >>> up and maintain. There is a freebsd port and packages for=20 > some systems > >>> are avaiable. (that includes MS Windows) > >>> > >>> http://openvpn.net/ > >>> > >>> Regards > >>> Hexren > >>> > >>> _______________________________________________ > >>> freebsd-questions@freebsd.org mailing list > >>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions > >>> To unsubscribe, send any mail to=20 > >>> "freebsd-questions-unsubscribe@freebsd.org" > >>> > >>> > >> > >> MPD - also in the ports collection, does PPTP and IPSEC=20 > tunnels, you=20 > >> do not need anything for windows 2000 upwards to connect,=20 > though you=20 > >> will need an add-on to win98 dial-up-networking to do=20 > ipsec. Fairly=20 > >> straight-forward install, runs clean, and documentation available. > >> > >> --=20 > >> Nathan Vidican > >> nvidican@wmptl.com > >> Windsor Match Plate & Tool Ltd. > >> http://www.wmptl.com/ > >> _______________________________________________ > >> freebsd-questions@freebsd.org mailing list > >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions > >> To unsubscribe, send any mail to=20 > >> "freebsd-questions-unsubscribe@freebsd.org"=20 > >=20 > >=20 > >=20 > >=20 > Actually, I have not got an install of mpd running right now=20 > - used to run it=20 > from my office, but that office has since closed and I am=20 > employed elsewhere=20 > now. When I did have it running, I had a dual-homed machine=20 > which had an outside=20 > (static valid internet IP) and an inside interface to the=20 > LAN. The building at=20 > the time actually had 5 different networks, so routing and=20 > firewalling were a=20 > little more complex than most - but if I recall, each login=20 > via mpd get's it's=20 > own aliased interface on the FreeBSD machine, so just create=20 > your firewall rules=20 > appropriately. - Not sure how/if you can run mpd through NAT=20 > if that's what you=20 > were asking. Here are my ipf rules for VPN usage. And yes I am using ipnat also (with nothing special there for VPN) # # pptp and gre for VPN # pass out quick on rl0 proto tcp from any to any port =3D 1723 flags S kee= p state pass out quick on rl0 proto gre from any to any and this is what 1723 is operator@spyder (~)ttyp0 > grep 1723 /etc/services pptp 1723/tcp #Point-to-point tunnelling protocol HTH Murray T --------------------------------------------------------------- The information transmitted in this e-mail is for the exclusive use of the intended addressee and may contain confidential and/or privileged material. Any review, re-transmission, dissemination or other use of it, or the taking of any action in reliance upon this information by persons and/or entities other than the intended recipient is prohibited. If you received this in error, please inform the sender and/or addressee immediately and delete the material.=20 E-mails may not be secure, may contain computer viruses and may be corrupted in transmission. Please carefully check this e-mail (and any attachment) accordingly. No warranties are given and no liability is accepted for any loss or damage caused by such matters. --------------------------------------------------------------- ***This Email has been scanned for Viruses by MailMarshal.***