-----Original Message----- From: Martin PelikC!n [mailto:martin.peli...@gmail.com] Sent: Friday, May 21, 2010 8:19 AM To: dontek Cc: Misc OpenBSD Subject: Re: OpenBSD 4.7 as VPN Gateway for Road Warriors, Preferred Configuration
> Hi > did you actually read any piece of documentation about the topic? > Manual pages like ipsec(4) for overview, ipsec.conf(5) for > configuration and isakmpd(8) + keynote(3,4,5) + openssl(1) + authpf(8) > for possible ways of authenticating your warriors. Yes, thanks, I've read the man pages. I've even made the proposed connection work both ways. (less the DHCP working) What I was hoping for was a few that have more experience than I do to share their experiences and tell me some of the potential benefits and/or drawbacks of doing it one way or the other; preferably specific to multiple roaming clients, with the intention of using DHCP over IPSec, and with any OpenBSD-4.7-specific nuances. >> I've found many examples via Google. Some are using isakmpd.conf, while >> others use the isakmpd -K switch and defer to ipsec.conf for configuration. > Choose what you prefer. ipsec.conf is less typing (about ten times). >> In my situation with multiple Road Warriors, is one way more correct than >> the other..? Easier..? > All the situations are easy if you know what are doing :-) And guess > where the place to learn is... >> What's the preferred method in the day of OpenBSD 4.7? > To search before typing? > -- > Martin Pelikan