Vincent Chen writes: > I am trying to figure out how to let roaming users > access internal resource via freebsd as IPsec gateway. > Because they have dynamic IPs. How can I write > security policy to deal with this? Is there any IPsec > client for windows platform available?
It depends on the client. racoon supports accepting connections from arbitrary IP addresses. On Win2k you can use the built-in client if you go through the complex configuration required. Even so, you have to reconfigure everytime your IP address changes. Better yet, buy a commercial IPSec client such as Netscreen. > it ok to let ESP packet coming in and out from anywhere? Yes. -Archie __________________________________________________________________________ Archie Cobbs * Packet Design * http://www.packetdesign.com To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
