NetBSD-Users archive


Re: dynamic authenticated tunnel set-up



On Wed, Feb 12, 2014 at 12:08:05PM -0800, Paul Goyette wrote:
> 
> Any suggestions on something simple?
> 

Simple and VPN never belong in the same sentence unless there is a
negation involved ;)  I did use NetBSD to set up a VPN server using
hybrid xauth; it required a certificate as well as a username and
password before the tunnel established[1].  The clients were Windows
machines but the same should work with a NetBSD client.  The tunnels
were only IPv4 so I can't say absolutely that IPv6 will go over the
tunnel... I guess there is always 6to4.  I just used the native racoon
to handle the IPsec config.

[1] Even more fun, the backend auth was a RADIUS server that not only
handled the user auth but also determined from what IP address range the
user would be allocated an address which, in turn, determined what
internal servers they could see.

-- 
Brett Lymn
Staple Guns: because duct tape doesn't make that KerCHUNK sound - xkcd.com

