trying to set up PGPNet

From: John Hines (
Date: 03/03/02

From: "John Hines" <>
To: <>
Date: Sat, 2 Mar 2002 20:13:39 -0500


 I'm looking for help/documentation to set up a remote vpn client (PGPNet) to connect to my internal network behind a FreeBSD fw. I've been able to set up a vpn between two FreeBSD firewalls, but I'm unable to find any docs on how to have a remote PC connect to my internal net's using PGPNet.
    I assume the setup for PGPNet would be similar to setting up a vpn between two FreeBSD firewalls. This is my current network topology:

                                                           External Interface



       +--> Remote PC <--> Internet <--> FreeBSD GW

       | |

     Cable Modem Y.Y.Y.Y

      Win98 box Internal Nets

I'm assuming that I need to add a line to my psk.txt file with the IP Y.Y.Y.Y and a password abc123. I'm also assuming that my raccoon.conf file will not need to change. Would this be the correct way to set up my script to run the setkey tool?

# IP addresses
# External Interface External Interface
# | |
# +--> Firewall-1 <--> Internet <--> FreeBSD GW <--+
# | |
# FW-1 Protected Nets Internal Nets
setkey -FP
setkey -F
# Configure the Policy
setkey -c << END
spdadd Y.Y.Y.Y/32 any -P out ipsec
spdadd Y.Y.Y.Y any -P in ipsec

Also would this be the correct way add the gif funnel?
ifconfig gif0 create

gifconfig gif0 inet X.X.X.X Y.Y.Y.Y

ifconfig gif0 inet Y.Y.Y.Y

Is there anything I missed?

Thanks in advance,

John Hines


To Unsubscribe: send mail to
with "unsubscribe freebsd-security" in the body of the message

Relevant Pages