[wplug] Question for VPN setup
Bill Moran
wmoran at potentialtech.com
Wed Dec 10 15:41:37 EST 2003
Benjamin Slavin wrote:
> I recently had a client ask about the setup of a VPN to allow remote
> users to login to a corporate network while they are out of town. The
> requirements are that the end users will be running Windows XP (or 2000,
> in a few cases) and that they have to be able to connect over the internet.
>
> I've done a good bit of searching around, and find myself more confused
> than informed.
That's because the concept of a VPN has been around much longer than any
particular standard, thus there is much confusion.
> Can anyone suggest a GOOD [secure] way to implement the VPN described
> above?
IPsec is probably your best bet.
> I'd like to make use of an OpenBSD server already acting as the
> firewall, but the documentation for IPSec is poor (and has actually been
> removed from the FAQ due to lack of maintenance).
The FreeBSD handbook has an excellent piece on IPsec:
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ipsec.html
I'm not sure how close this is to how you'd do it in OpenBSD, but they
are both BSD, and they both use Kame, so it should be pretty similar.
> From what I've read, I assume that IPSEC with x509 keys is the way to
> go, but I'm open to any and all suggestions.
I think you're on the right track with that.
--
Bill Moran
Potential Technologies
http://www.potentialtech.com
More information about the wplug
mailing list