Hi, I am looking for a simple setup for npppd/ipsec for road warriors. We have some clients (road warriors) with dynamic IP addresses connecting to a gateway by L2TP (Mac OS X/iOS/Windows).

Client (road warriors) --> GATEWAY --> Internet

I am just looking for a simple configuration for our OpenBSD 5.4 gateway. I read different howtos (like http://de.slideshare.net/GiovanniBechis/npppd-easy-vpn-with-openbsd) and the man page, but I do not have a clue where the problem is in my setting.

> cat /etc/npppd/npppd.conf
tunnel L2TP protocol l2tp
tunnel PPTP protocol pptp

ipcp IPCP {
        pool-address 10.0.0.2-10.0.0.254
        dns-servers 8.8.8.8
}

interface pppx0 address 10.0.0.1 ipcp IPCP

authentication LOCAL type local {
        users-file "/etc/npppd/npppd-users"
}

bind tunnel from L2TP authenticated by LOCAL to pppx0
bind tunnel from PPTP authenticated by LOCAL to pppx0

> cat /etc/npppd-users
mika:\
        :password=.huuhstetst$oN:\
        :framed-ip-address=10.0.0.101:

> cat /etc/ipsec.conf
public_ip = "1.7.15.1" #public ip of gateway
ike passive esp transport \
        proto udp from $public_ip to any port 1701 \
        main auth "hmac-sha1" enc "aes" group modp2048 \
        quick auth "hmac-sha1" enc "3des" \
        psk "2h*GL]U?{i2KdneThezZnhezpbm46^kEUyjCoYvVpttM#jMkM(i"

> sysctl | grep net.pipex.enable
net.pipex.enable=1

> cat /etc/pf.conf
pass quick proto { esp, ah } from any to any
pass in quick on egress proto udp from any to any port {500, 4500, 1701} keep state
pass on enc0 from any to any keep state (if-bound)

Can you give me some hints?

Best regards,
Mika