VPN Connection via OpenBSD

We have an OpenBSD firewall as the entry point to a small network of 4 Windows 2003 servers.
Could you give me some step by step instructions on how to set up the firewall so I can VPN into one of the servers from my Home PC?
I have fix IPs at both ends (point to point VPN) and Vista Business at home.
The firewall uses pf.conf for IP translation.
mihaiszAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Syed Mutahir AliTechnology ConsultantCommented:
Hi,

What Kind of vpn is that ? PPTP or IPSEC ?
Check the following link for Ports used in PPTP, I have attached a OPENBSD PF ebook tutorial which will help you understand port redirection and filtering .

http://compnetworking.about.com/od/vpn/l/bl012101a11.htmhttp://compnetworking.about.com/od/vpn/l/bl012101a11.htm

Will update as and when you reply

Hope this helps
Mutahir

pf-faq.pdf
0
mihaiszAuthor Commented:
Thanks mutahir!
I'm not very familiar with VPN protocols... All I want to do is to connect my home PC (Vista Business) to one of my Windows 2003 servers via the OpenBSD firewall. Does Windows know both PPTP and IPSEC?
Is this as simple as opening some ports on the firewall, configuring the the VPN Server Service on Win 2003 (http://technet.microsoft.com/en-us/library/cc736357.aspx), and configuring the VPN client on Vista?
Everything will be point to point (fix IP to fix IP) so I'm looking for the easiest solution to accomplish this.
0
mihaiszAuthor Commented:
I read some articles about this and my understanding is that IPSEC is with Cetificates, which I don't want to use at this point. So PPTP would be enough.
0
Protecting & Securing Your Critical Data

Considering 93 percent of companies file for bankruptcy within 12 months of a disaster that blocked access to their data for 10 days or more, planning for the worst is just smart business. Learn how Acronis Backup integrates security at every stage

Syed Mutahir AliTechnology ConsultantCommented:
Hi Milhaisz,

IPSEC is not neccessarily with certificates, but you can use pptp, as far as Opening ports on BSD Firewall, I will have to look into it ; I will keep you posted on this and hopefully will have something by tomorrow; moreover did the attached pdf helped you ? I think it might be able to direct you in opening ports on Open Bsd Firewall.



Regards
Mutahir
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
mihaiszAuthor Commented:
Thanks Mutahir.
I'm getting closer to a solution. The biggest issue is opening the tunnel through the Firewall, and the GRE protocol 47 in particular. I know how to forward PPTP port 1723.
0
Syed Mutahir AliTechnology ConsultantCommented:
Oh, are you stuck in the right commands for opening the tunnel ?

I will look into it and will post here ASAP.

Best of Luck
0
mihaiszAuthor Commented:
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Unix OS

From novice to tech pro — start learning today.