Re: VPN Help

From: Dan Bent (dbent_at_comcast.net)
Date: 11/29/03 

Date: Sat, 29 Nov 2003 08:33:03 -0500

Thanks for the response. I think you helped me with something else not long
ago.

I'll happily provide details, but I'm not sure what would be useful, and
what might compromise my vpn..

I believe I've followed the examples in the vpn and ipsecadmin man pages,
but the vpn doesn't work. I'm not sure where to begin troubleshooting to
diagnose the problem.

As I understand isakmp, it a method for exchanging authorization codes
dynamically. I would use it, but I don't believe I can configure it to work
with the firewall appliance I have on the office end. That appliance has a
GUI interface for configuring a vpn, and it generated keys, which I have
stored in files on the on the firewall at the ISP end. So, I don't think
authorization keys are a problem, but I can't rule them out either. I don't
get any error messages that I'm aware of, so I really don't know where to
begin, or how to proceed.

"erik" <erik@geenspam.vanwesten.net> wrote in message
news:3fc7fe5c$0$1507$e4fe514c@news.xs4all.nl...
> Dan Bent wrote:
>
> > I'm trying to establish a VPN between my office network, and the
> > network inside my colo closet at my ISP. I'm using OpenBSD pf, and
> > ipsecadmin to set up the VPN on the ISP closet side, and an appliance
> > with a GUI (looks like a GUI front end to PHP scripts) for the
> > firewall on the office side. I've read man pages, how-tos, and
> > tutorials, and I have built a configuration I think
> > out to work, but it doesn't. I'm not sure how to troubleshoot it and
> > identify where the process is breaking down. I'd really appreciate any
> > help I could get.
> >
>
> How can we give help if you don't give details? Anyway, using isakmp is
> a lot easier.
>
> EJ
> --
> Remove the obvious part (including the dot) for my email address.
> http://www.vanwesten.net for examples of ipf and pf.
>

Relevant Pages

  • VPN Help
    ... I'm trying to establish a VPN between my office network, ... inside my colo closet at my ISP. ...
    (comp.unix.bsd.openbsd.misc)
  • Re: AD structure question
    ... To ISP DNS servers? ... and applying to all clients in A and B. You can create 2 sites and then use ... But VPN gives just access to share resources. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Route an external IP address via site to site vpn
    ... We use a different ISP at site 2 and so they ... setup the site-to-site VPN connection thru 2 ISA 2004 servers? ... Router add ExternalIP RemoteISAInternalIP ...
    (microsoft.public.windows.server.sbs)
  • Re: VPN Help
    ... > network inside my colo closet at my ISP. ... > ipsecadmin to set up the VPN on the ISP closet side, ... > with a GUI for the ...
    (comp.unix.bsd.openbsd.misc)
  • RE: looking for a hub or switch that can connect a VPN and apply firewallrules to all ports
    ... So your clients' Internet traffic doesn't go through the VPN? ... Police your own network so the ISP doesn't see things they ... I have maybe 10-20 computers plugged into a VPN ... install and use a thawte Digital Certificate on your Apache ...
    (Security-Basics)