|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Eric Anderson (anderson_at_centtech.com)
Date: Mon Dec 09 2002 - 17:00:06 CST
Fernando Gleiser wrote:
> I'm sorry if this is OT for -security. I sent it to -questions but
> got no answer.
>
> I need to set up a VPN between a corporate LAN and roaming users. The
> firewall is a FreeBSD 4.7 box with ipf/ipnat and will act as a security
> gateway for the tunnel.
>
> On the other side there are several Win2K/XP boxes connected to the
> Internet via DSL/cable modem/dialup/carrier pigeon/whatever and they have
> a different IP every time they connect.
>
> The problem is: every single doc/tutorial/man page/ I've read says how to
> set up the SA with static IPs, but now one side is dynamic.
>
> So the questions are:
>
> 1. Is this posible?
> 2. If it's posible, can I do it with IKE/ISAKMP?
> 3. Does anybody have a pointer to a doc which says how to do it? I'll rtfm,
> just tell me where the fm is :)
1. Yes, it is possible.. You'll have to do something with certificates
probably, or use mpd on the server end. There are other solutions,
those are just a few things..
2. Maybe.. Are you trying to connect each individual windows box, or
are you going to have a firewall/gateway that does this for all of them
(the entire lan)?
3. I don't know .. maybe... I have this working, so maybe I should
write one up.. :)
Eric
-- ------------------------------------------------------------------ Eric Anderson Systems Administrator Centaur Technology Beware the fury of a patient man. ------------------------------------------------------------------To Unsubscribe: send mail to majordomo
FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]