[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OpenBSD VPN Question



Do you mean transparent bridging with filtering by "screened architecture"
???

OpenBSD will do PPTP with PoPToP, the same software for Linux
Blocking and filtering can be done based on IP, although I don't think
GRE is an option under IP Filter, I don't really think you need it
specifically.  the OpenBSD will block all traffic, TCP, GRE, ICMP, or
otherwise.... The PoPToP documentation tells you more on this in a firewalled
setup...

On Tue, 14 Sep 1999, Gary Rule wrote:

 | Hello,
 |     I am new to OpenBSD. I did a quick search of the archives and didn't
 | find anything recent/relevant on this question. So forgive me if I missed it
 | somewhere. I am redesigning my company firewall from a Dual-Homed
 | Architecture to a Screened Subnet Architecture. I currently run Linux as the
 | host and I have about 20 machines on the internal network using PPTP clients
 | to connect to a PPTP server a few states away. I want to implement a Linux
 | machine as our Exterior router and OpenBSD as our Interior router. I know
 | the Linux machine will pass/filter GRE packets, with a patch, but I'm not
 | sure if OpenBSD will. Can I use ipf to allow/deny GRE? If not are there any
 | patches/ports that will allow me to do this?
 | Thanks in Advance
 | 

---
I dress like a pimp
I walk with a limp
I see the Browns for free in
My low-rider blimp.