Solved

configure mpd

Posted on 2004-10-02
6
605 Views
Last Modified: 2013-11-22
I want to use mpd to build VPN links over the internet between FreeBSD PPTP VPN server
and Windows2000 boxes clinets (using Cisco VPN client), I installed the 'mpd' system from ports/net/mpd. Then created the following files in /usr/local/etc/mpd/...mpd.conf mpd.links mpd.secret.

VPN Server -- Internet Router-- Internet---FW/NAT--Windows Clients

Can anyone help me to modify my VPN server mpd configuration files to accept VPN
request.

Which modification should I do (mpd configuration files) in order to make FreeBSD as VPN client to connect to a Cisco VPN server

Thanks
0
Comment
Question by:madunix
  • 4
  • 2
6 Comments
 
LVL 61

Expert Comment

by:gheist
ID: 12210466
Basically mpd does not do IPSEC and ISAKMP, the protocols Cisco VPN client uses.
0
 
LVL 25

Author Comment

by:madunix
ID: 12211383
Then what should I use to implement  a vpn client or server using IPSEC under FreeBSD?

Thnaks
0
 
LVL 61

Expert Comment

by:gheist
ID: 12211956
KAME Racoon (ports/security/racoon) or OpenBSD isakmpd (ports/security/isakmpd).
Instructions:
http://www.vpnc.org/testing.html
Search google for tips
mpd will work with windows builtin PPTP client
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 61

Expert Comment

by:gheist
ID: 12212144
For isakmpd, main ideas are here:
http://www.openbsd.org/cgi-bin/man.cgi?query=vpn
For Racoon here:
http://netbsd.gw.com/cgi-bin/man-cgi?racoon
Instructions are mostly alike on FreeBSD, I have seen FreeBSD unable to kldload some encapsulation drivers dynamically using kldload, so be careful...
I use mostly isakmpd in static conditions, and few windows native VPN clients ( made by SafeNet ???).
0
 
LVL 25

Author Comment

by:madunix
ID: 12212510
Stop in /usr/ports/sysutils/portupgrade.
sdcftp# cd /usr/ports/ftp/wget && make all install clean
Dependency warning: used OpenSSL version contains known vulnerabilities
Please update or define either WITH_OPENSSL_BASE or WITH_OPENSSL_PORT
*** Error code 1

Stop in /usr/ports/ftp/wget.

sdcftp# cd /usr/ports/sysutils/portupgrade/ && make all install clean
===>  Vulnerability check disabled
===>  Extracting for portupgrade-20040701_3
>> Checksum OK for pkgtools-20040701.tar.bz2.
===>   portupgrade-20040701_3 depends on file: /usr/local/bin/ruby18 - not found
===>    Verifying install for /usr/local/bin/ruby18 in /usr/ports/lang/ruby18
Dependency warning: used OpenSSL version contains known vulnerabilities
Please update or define either WITH_OPENSSL_BASE or WITH_OPENSSL_PORT
*** Error code 1

Stop in /usr/ports/lang/ruby18.
*** Error code 1

Stop in /usr/ports/sysutils/portupgrade.


how can i update my openssl?

i need it for the vpn...










0
 
LVL 61

Accepted Solution

by:
gheist earned 50 total points
ID: 12212831
You need to upgrade base system first :-(

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvsup.html
use RELENG_4_9 for FreeBSD 4.9 and so on

then rebuild kernel
cd /usr/src/sys/ir86/conf
config GENERIC
cd ../../compile/GENERIC
make depend ; make && make install
reboot
....

(looks like you missed only this)
cd /usr/src
make -j 10 world
reboot

now your system is updated to handle current ports tree ( and has all current ports tree)
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

This tech tip describes how to install the Solaris Operating System from a tape backup that was created using the Solaris flash archive utility. I have used this procedure on the Solaris 8 and 9 OS, and it shoudl also work well on the Solaris 10 rel…
I promised to write further about my project, and here I am.  First, I needed to setup the Primary Server.  You can read how in this article: Setup FreeBSD Server with full HDD encryption (http://www.experts-exchange.com/OS/Unix/BSD/FreeBSD/A_3660-S…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now