IPSEC documentation
Alexey Popov
llp at iteranet.com
Wed Dec 28 22:50:49 PST 2005
Hi.
VANHULLEBUS Yvan wrote:
>>- L2TP + IPSEC transport mode (= Windows road warrier)
> Did someone tried such a setup ?
> is there a L2TPD daemon running on FreeBSD which could be used for
> that ?
I'm successfully using security/racoon and net/sl2tps with Windows
XP/2003 L2TP clients. I've tried pre-shared key as well as X.509
certificates auth.
> Note also that, for now, this won't work easily, as it will require
> dynamic SP entries (roadwarriors....), but I think racoon currently
> can't deal with dynamic policies when ports specified (I'll check
> that).
racoon has passive_mode option. When it is enabled, racoon can create
SPD entries for road warriors.
If we would also have NAT-T support, FreeBSD would be the best choice
of VPN concentrator.
With best regards,
Alexey Popov
More information about the freebsd-net
mailing list