trying to set up PGPNet
From: John Hines (firstname.lastname@example.org)
- Next message: Scott M. Nolde: "Re: ipfw and DHCP"
- Previous message: isabelle boinot: "GALAS, J.L. MERY et O. LE GUISQUET)."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "John Hines" <email@example.com> To: <firstname.lastname@example.org> Date: Sat, 2 Mar 2002 20:13:39 -0500
I'm looking for help/documentation to set up a remote vpn client (PGPNet) to connect to my internal network behind a FreeBSD fw. I've been able to set up a vpn between two FreeBSD firewalls, but I'm unable to find any docs on how to have a remote PC connect to my internal net's using PGPNet.
I assume the setup for PGPNet would be similar to setting up a vpn between two FreeBSD firewalls. This is my current network topology:
+--> Remote PC <--> Internet <--> FreeBSD GW
Cable Modem Y.Y.Y.Y 192.168.1.0/24
Win98 box Internal Nets
I'm assuming that I need to add a line to my psk.txt file with the IP Y.Y.Y.Y and a password abc123. I'm also assuming that my raccoon.conf file will not need to change. Would this be the correct way to set up my kame-bsd.sh script to run the setkey tool?
# IP addresses
# External Interface External Interface
# 18.104.22.168 22.214.171.124
# | |
# +--> Firewall-1 <--> Internet <--> FreeBSD GW <--+
# | |
# 172.16.1.0/24 192.168.0.0/24
# FW-1 Protected Nets Internal Nets
# Configure the Policy
setkey -c << END
spdadd 192.168.1.0/24 Y.Y.Y.Y/32 any -P out ipsec
spdadd Y.Y.Y.Y 192.168.1.0/24 any -P in ipsec
Also would this be the correct way add the gif funnel?
ifconfig gif0 create
gifconfig gif0 inet X.X.X.X Y.Y.Y.Y
ifconfig gif0 inet 192.168.1.1 Y.Y.Y.Y 255.255.255.0
Is there anything I missed?
Thanks in advance,
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message