OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
FreeBSD Security Archives: Re: Configuration Validation Request

Re: Configuration Validation Request

Subject: Re: Configuration Validation Request
From: Gregory Carvalho (GregoryCstcinc.com)
Date: Fri Jan 07 2000 - 14:17:53 CST

Gregory Carvalho wrote:
>
> I have a scenario which requires IPSec, but the packets must transgress
> a Microsoft Windows NT 4.0 Server running PPTP. I would like to use the
> Kame IPSec package on FreeBSD 3.3R as in the diagram below. I envision
> the sequence being Farside's PoPToP establishing a connection with
> OutOfMyHands's PPTP, then IPSec riding that tunnel and cruising right
> past OutOfMyHands to ServerSide's IPSec. Please comment on the validity
> of this configuration.

Clarification: Hosts connected to Farside (which is acting as
firewall/gateway) attempt to talk to hosts connected to ServerSide
(which is acting as firewall/gateway), so I desire for all traffic
between FarSide and ServerSide to be ESP with authentication.
OutOfMyHands does not contain IPSec.

>
> ------------------- /\ -------------------
> | FreeBSD 3.3R | / \ | WinNT4S |
> | Name: FarSide | / \ | Name: OutOfMyHands|
> | IPSec (Kame) | \Inet/ | MS Proxy |
> | PoPToP |____\__/____| PPTP |__
> ------------------- \/ ------------------- |
> |
> |
> ------------------- |
> | FreeBSD 3.3R | |
> | Name: ServerSide | |
> | | |
> | IPSec |__|
> -------------------
>

Cordially,
Gregory Carvalho GregoryCstcinc.com
Simplified Technology Company http://www.stcinc.com
In God I Trust!

To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

This archive was generated by hypermail 2b27 : Fri Jan 07 2000 - 14:14:52 CST