Subject: Re: VPN, I guess
To: NetBSD Users <netbsd-users@netbsd.org>
From: Rob Gridley <rob@mhzdesign.com>
List: netbsd-users
Date: 11/16/2001 11:10:12
>> I've done a lot of reading about IPSec in NetBSD and FreeBSD and come up
>> blank. It seems to be very easy to connect two remote networks together or
>> to connect two hosts together, but having a single computer with VPN Client
>> software access an internal network seems to be impossible.
>> 
>> Does anyone have any ideas about how to do this?
> 
> The quick and easy is to set up PPTP, but it is not the recommended
> method.  If you've already got an NT/2k box at work, you can enable PPTP
> w/o too much trouble.  Most versions of Windows have PPTP clients already,
> getting the Unix PPTP stuff working isn't much more difficult than
> setting up any other ppp connection.
> 
> The 'better' free (as in beer) solutions would be Free S/WAN
> (www.freeswan.org) for Linux or KAME (www.kame.net) for BSDs.

There is an extra complication I forgot to mention. The clients are Mac OS
9. The only VPN Client I can find for Mac OS is PGP Corporate Desktop which
actually appears to be quite good. It only works with IPSec based VPNs
though.

I have successfully set up NetBSD IPSec (KAME) in transport mode and
connected a Mac OS 9 client to it using the PGP Corporate Desktop software.
That was just a test to make sure that the client software worked.

My question is, is it possible to use these together to solve my problem? It
would be very easy if IPSec played nice with IPNAT. I could just use
redirects to connect to specific services inside my network.


                        Rob Gridley  |  416.626.1777
              Systems Administrator  |  rob@mhzdesign.com
          MHz Design Communications  |  http://www.mhzdesign.com