vpn - not sure if its what Im looking for - looking for advice

vpn - not sure if its what Im looking for - looking for advice

Post by Dennis Van Amburg » Sat, 05 Aug 2000 04:00:00



Clyde,

Most VPN implementations now support dhcp 'road warrior' connections,
however it is not easily done using OpenBSD's IPSEC tools, and I have seen
no reference on any sites on connecting to say a Win2k client desktop to the
OpenBSD server, other than a mention that a connection is possible using
Ike.   You may want to look into PopTop which is a Microsoft PPTP VPN
Solution that is popular on Linux, but because of some limitations in the
ppp kernel code on OpenBSD you will not be able to apply the cool
encryptions (MSCHAPV2, 128Bit MPPE), but it should still work ok.

The easiest thing you can probally do, considering you only have 6 incoming
connections to worry about and if you didn't want to dig into IPSEC is to
use ipnat's redirection and somehow enforce your PC Anywhere users to use
PC-Anywhere's encryption to establish a *somewhat* secure connection.
Otherwise, man vpn.

Dennis Van Amburgh

Albany, NY


Quote:> The short story is that I have been asked (after putting in OpenBSD
> 2.7 as a firewall/NAT solution) to provide a way to let people in to
> the internal 192.168.1.0/24 network from the internet so that they can
> connect to (currently 6) pcanywhere sessions on various workstations.

> The docs I have read on vpn all talk about static connections between
> networks but I am looking for something that will enable the enduser
> on win9.x (after dialing into their ISP) to pop up some kind of name /
> password box that will make them part of the internal network. I know
> how to do this using NT4 and 2000 but want to use the box that OpenBSD
> is on since I converted (read wiped) NT4 server off and put openBSD on
> before getting all the specs that they wanted.

> I did think about just redirecting various ports to point to the
> various workstations but I cant control the lack of passwords on the
> workstation pcanywhere (yes I have tryed to get them to use something
> else - lost that battle) copys and cant determine what IP addresses
> all these people will be hitting from.

> Any suggestions / pointers to info or ports would be really really be
> appreciated.

> Thanks
> Clyde Burns

 
 
 

vpn - not sure if its what Im looking for - looking for advice

Post by Toni Heinone » Sat, 12 Aug 2000 04:00:00



Quote:> Clyde,

> Most VPN implementations now support dhcp 'road warrior' connections,
> however it is not easily done using OpenBSD's IPSEC tools, and I have seen
> no reference on any sites on connecting to say a Win2k client desktop to the
> OpenBSD server, other than a mention that a connection is possible using
> Ike.   You may want to look into PopTop which is a Microsoft PPTP VPN
> Solution that is popular on Linux, but because of some limitations in the
> ppp kernel code on OpenBSD you will not be able to apply the cool
> encryptions (MSCHAPV2, 128Bit MPPE), but it should still work ok.

> The easiest thing you can probally do, considering you only have 6 incoming
> connections to worry about and if you didn't want to dig into IPSEC is to
> use ipnat's redirection and somehow enforce your PC Anywhere users to use
> PC-Anywhere's encryption to establish a *somewhat* secure connection.

SSH tunnels?

--
Cream, the masterweb of com.dyslexia.www

 
 
 

1. HELLO.. IM LOOKING FOR A ACCOUNT????

Hello all ...

Im currently looking for a new subscription services for my account.

I have tried several places that have trial accoutns like, nj5.inj and squeeky.free.org, but im looking for somethig like this again, that offers a free trial period, or somewhere just a bit differnt

If you can help me at all .. please mail me promptly


bye now

2. Reading is much more interesting than TV (0774/1708)

3. Im looking for the best accelerator dfx

4. 2.5.61-mm1

5. I am looking for an IM program that is client-server

6. RedHat versus Slackware

7. Im looking for a S3 Virge server

8. 1.2.13 Upgrade breaks X

9. Im looking for a bandwith manager

10. Im looking for help to config sendmail

11. Im looking for Free Shell Accounts...

12. Im looking for a shell that allows BNC/EZBouncers???

13. dns problem im sure