[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ipsec/win2k clients (free)

To: <misc@openbsd.org>
Subject: Re: ipsec/win2k clients (free)
From: "Robert Schwartz" <robert@mrsquirrel.com>
Date: Thu, 1 Aug 2002 11:36:31 -0700
content-class: urn:content-classes:message
Thread-Index: AcI5hbgdphiz29bOTWSGm6CYHsotowAADtEQ
Thread-Topic: ipsec/win2k clients (free)

> Is it possible to configure a working solution using an 
> OpenBSD ipsec gateway to a private network with users 
> connecting from Windows 2000 vpn clients (native MS client) 
> on the internet?  From what I've read, this setup will not 
> work correctly, but will work if you use a 3rd party client 
> such as pgpnet or other (not free).  We can't use 
> pgp-freeware since it would be for commercial use.

You have 2 options:

1) This paper is pretty thorough (covering win2k and winXP).  I've
gotten host-to-host working, but ran out of time to move forward with
VPN testing (maybe in a few weeks).

http://www.cs.umd.edu/~mvanopst/xp2obsd.pdf

quoting from the top:

"The following paper describes in detail the configuration of an IPsec
Host-to-Host 
connection between OpenBSD and Windows XP Professional with
Authentication via X.509v3 
Certificates. A VPN can be implemented with simple modifications."

2) If this doesn't work or if you need downlevel client support or if
the ultimate soop3r secure crypto alogrithm isn't required then PPTP
might be your best shot (PoPToP pptpd is available and works with some
tweaks, the archives are good).

Follow-Ups:
- Re: ipsec/win2k clients (free)
  - From: Jordi YC <jordi_yc@lycos.es>

Prev by Date: Re: confine user
Next by Date: Re: Ultra ATA 133 with OpenBSD 3.1
Prev by thread: Re: ipsec/win2k clients (free)
Next by thread: Re: ipsec/win2k clients (free)
Index(es):
- Date
- Thread