Solved

configure mpd

Posted on 2004-10-02
6
607 Views
Last Modified: 2013-11-22
I want to use mpd to build VPN links over the internet between FreeBSD PPTP VPN server
and Windows2000 boxes clinets (using Cisco VPN client), I installed the 'mpd' system from ports/net/mpd. Then created the following files in /usr/local/etc/mpd/...mpd.conf mpd.links mpd.secret.

VPN Server -- Internet Router-- Internet---FW/NAT--Windows Clients

Can anyone help me to modify my VPN server mpd configuration files to accept VPN
request.

Which modification should I do (mpd configuration files) in order to make FreeBSD as VPN client to connect to a Cisco VPN server

Thanks
0
Comment
Question by:madunix
  • 4
  • 2
6 Comments
 
LVL 61

Expert Comment

by:gheist
ID: 12210466
Basically mpd does not do IPSEC and ISAKMP, the protocols Cisco VPN client uses.
0
 
LVL 25

Author Comment

by:madunix
ID: 12211383
Then what should I use to implement  a vpn client or server using IPSEC under FreeBSD?

Thnaks
0
 
LVL 61

Expert Comment

by:gheist
ID: 12211956
KAME Racoon (ports/security/racoon) or OpenBSD isakmpd (ports/security/isakmpd).
Instructions:
http://www.vpnc.org/testing.html
Search google for tips
mpd will work with windows builtin PPTP client
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 61

Expert Comment

by:gheist
ID: 12212144
For isakmpd, main ideas are here:
http://www.openbsd.org/cgi-bin/man.cgi?query=vpn
For Racoon here:
http://netbsd.gw.com/cgi-bin/man-cgi?racoon
Instructions are mostly alike on FreeBSD, I have seen FreeBSD unable to kldload some encapsulation drivers dynamically using kldload, so be careful...
I use mostly isakmpd in static conditions, and few windows native VPN clients ( made by SafeNet ???).
0
 
LVL 25

Author Comment

by:madunix
ID: 12212510
Stop in /usr/ports/sysutils/portupgrade.
sdcftp# cd /usr/ports/ftp/wget && make all install clean
Dependency warning: used OpenSSL version contains known vulnerabilities
Please update or define either WITH_OPENSSL_BASE or WITH_OPENSSL_PORT
*** Error code 1

Stop in /usr/ports/ftp/wget.

sdcftp# cd /usr/ports/sysutils/portupgrade/ && make all install clean
===>  Vulnerability check disabled
===>  Extracting for portupgrade-20040701_3
>> Checksum OK for pkgtools-20040701.tar.bz2.
===>   portupgrade-20040701_3 depends on file: /usr/local/bin/ruby18 - not found
===>    Verifying install for /usr/local/bin/ruby18 in /usr/ports/lang/ruby18
Dependency warning: used OpenSSL version contains known vulnerabilities
Please update or define either WITH_OPENSSL_BASE or WITH_OPENSSL_PORT
*** Error code 1

Stop in /usr/ports/lang/ruby18.
*** Error code 1

Stop in /usr/ports/sysutils/portupgrade.


how can i update my openssl?

i need it for the vpn...










0
 
LVL 61

Accepted Solution

by:
gheist earned 50 total points
ID: 12212831
You need to upgrade base system first :-(

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvsup.html
use RELENG_4_9 for FreeBSD 4.9 and so on

then rebuild kernel
cd /usr/src/sys/ir86/conf
config GENERIC
cd ../../compile/GENERIC
make depend ; make && make install
reboot
....

(looks like you missed only this)
cd /usr/src
make -j 10 world
reboot

now your system is updated to handle current ports tree ( and has all current ports tree)
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This tech tip describes how to install the Solaris Operating System from a tape backup that was created using the Solaris flash archive utility. I have used this procedure on the Solaris 8 and 9 OS, and it shoudl also work well on the Solaris 10 rel…
I promised to write further about my project, and here I am.  First, I needed to setup the Primary Server.  You can read how in this article: Setup FreeBSD Server with full HDD encryption (http://www.experts-exchange.com/OS/Unix/BSD/FreeBSD/A_3660-S…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now