NetBSD-Users archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: dynamic authenticated tunnel set-up
On Wed, Feb 12, 2014 at 12:08:05PM -0800, Paul Goyette wrote:
>
> Any suggestions on something simple?
>
simple and vpn never belong in the same sentence unless there is a
negation involved ;) I did use NetBSD to set up a vpn server using
hybrid xauth, it required a certificate as well as a username and
password before the tunnel established[1]. The clients were windows
machines but the same should work with a NetBSD client. The tunnels
were only ipv4 so I can't say absolutely that ipv6 will go over the
tunnel... I guess there is always 6to4. I just used the native racoon
to handle the ipsec config.
[1] Even more fun, the backend auth was a radius server that not only
handled the user auth but also determined from what IP address range the
user would be allocated an address which, in turn, determined what
internal servers they could see.
--
Brett Lymn
Staple Guns: because duct tape doesn't make that KerCHUNK sound - xkcd.com
Home |
Main Index |
Thread Index |
Old Index