From: "Foster, ThomasX"
To: "Odhiambo Washington"
Cc: gnb@lightning.itga.com.au, archie@freebsd.org
Subject: RE: VPN Gateway to M$ Windows
Date: Tue, 27 Apr 2004 11:20:36 -0700

Define gateway:

Would you like to use the Windows Server as your PPTP/VPN server.. or do you want to use MPD?

MPD (to my knowledge) cannot query the LDAP server that resides on the Windows server to authenticate users.. so there are a couple of different approaches..

- Poke holes in your firewall and forward the ports to your Windows server, which will run their RRAS implementation of PPTP
- Run MPD on a FreeBSD server behind your firewall and manage the accounts via your MPD links definitions.

Please correct me if I am wrong, but it depends on how you want to manage your VPN accounts, for I have not found a way to use an account database external to MPD's link definitions.

http://www.section6.net/help.php

Thomas Foster

-----Original Message-----
From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of Odhiambo Washington
Sent: Tuesday, April 27, 2004 6:45 AM
To: freebsd-questions@freebsd.org
Cc: gnb@lightning.itga.com.au; archie@freebsd.org
Subject: VPN Gateway to M$ Windows

Folks,

The wind doesn't seem to be blowing in my direction. Either I am getting crazy or just losing touch. I am reading all the doco I can lay my hands on about setting up a VPN gw and this is to use MPD.

Now there is a nice page (I love the setup notes this guy made!) here:

http://www.itga.com.au/~gnb/vpn/pptp-serv.html

It talks about mpd-3.2 and 3.3 and this was written long ago. But looking at my ports (4.9-STABLE and 5.2.1-RELEASE) the Makefile in /usr/ports/net/mpd shows it's version 3.17. At the time of writing his doco, March 2001, Gregory says that mpd was at version 3.2. That has lost me!
Was the port downgraded? Does anyone know if the patches for external-auth were made part of the 3.17 port??

OK. I would like to set up a VPN gateway to a Microsuck Windows box. I've had suggestions to use Cisco PIX for this, but I was wondering what it is that the Cisco thingy will do that FreeBSD with MPD won't do. I am also looking at other "secure implementations" of this project.

I'm still googling (giggling ;-)) but any other pointers are most welcome.

-Wash

http://www.netmeister.org/news/learn2quote.html

--
Odhiambo Washington
Wananchi Online Ltd. www.wananchi.com