• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 634
  • Last Modified:

configure mpd

I want to use mpd to build VPN links over the internet between FreeBSD PPTP VPN server
and Windows2000 boxes clinets (using Cisco VPN client), I installed the 'mpd' system from ports/net/mpd. Then created the following files in /usr/local/etc/mpd/...mpd.conf mpd.links mpd.secret.

VPN Server -- Internet Router-- Internet---FW/NAT--Windows Clients

Can anyone help me to modify my VPN server mpd configuration files to accept VPN
request.

Which modification should I do (mpd configuration files) in order to make FreeBSD as VPN client to connect to a Cisco VPN server

Thanks
0
madunix
Asked:
madunix
  • 4
  • 2
1 Solution
 
gheistCommented:
Basically mpd does not do IPSEC and ISAKMP, the protocols Cisco VPN client uses.
0
 
madunixChief Information Security Officer Author Commented:
Then what should I use to implement  a vpn client or server using IPSEC under FreeBSD?

Thnaks
0
 
gheistCommented:
KAME Racoon (ports/security/racoon) or OpenBSD isakmpd (ports/security/isakmpd).
Instructions:
http://www.vpnc.org/testing.html
Search google for tips
mpd will work with windows builtin PPTP client
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
gheistCommented:
For isakmpd, main ideas are here:
http://www.openbsd.org/cgi-bin/man.cgi?query=vpn
For Racoon here:
http://netbsd.gw.com/cgi-bin/man-cgi?racoon
Instructions are mostly alike on FreeBSD, I have seen FreeBSD unable to kldload some encapsulation drivers dynamically using kldload, so be careful...
I use mostly isakmpd in static conditions, and few windows native VPN clients ( made by SafeNet ???).
0
 
madunixChief Information Security Officer Author Commented:
Stop in /usr/ports/sysutils/portupgrade.
sdcftp# cd /usr/ports/ftp/wget && make all install clean
Dependency warning: used OpenSSL version contains known vulnerabilities
Please update or define either WITH_OPENSSL_BASE or WITH_OPENSSL_PORT
*** Error code 1

Stop in /usr/ports/ftp/wget.

sdcftp# cd /usr/ports/sysutils/portupgrade/ && make all install clean
===>  Vulnerability check disabled
===>  Extracting for portupgrade-20040701_3
>> Checksum OK for pkgtools-20040701.tar.bz2.
===>   portupgrade-20040701_3 depends on file: /usr/local/bin/ruby18 - not found
===>    Verifying install for /usr/local/bin/ruby18 in /usr/ports/lang/ruby18
Dependency warning: used OpenSSL version contains known vulnerabilities
Please update or define either WITH_OPENSSL_BASE or WITH_OPENSSL_PORT
*** Error code 1

Stop in /usr/ports/lang/ruby18.
*** Error code 1

Stop in /usr/ports/sysutils/portupgrade.


how can i update my openssl?

i need it for the vpn...










0
 
gheistCommented:
You need to upgrade base system first :-(

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvsup.html
use RELENG_4_9 for FreeBSD 4.9 and so on

then rebuild kernel
cd /usr/src/sys/ir86/conf
config GENERIC
cd ../../compile/GENERIC
make depend ; make && make install
reboot
....

(looks like you missed only this)
cd /usr/src
make -j 10 world
reboot

now your system is updated to handle current ports tree ( and has all current ports tree)
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now