Do you really need to use IPsec? If not, try OpenVPN (www.openvpn.org).
It's an SSL/TLS VPN, it's VERY easy to set up, works like a charm on OBSD
and is quite happy sitting behind a NAT'd Internet connection. All you
need to do is reverse PAT UDP 1194 from your router's/firewall's external
interfaces to their respective OBSD partners.
It can do Client -> Firewall and Firewall -> Firewall VPNs and any mix
in between.
And interestingly enough, it seems quicker than my 3.6->Checkpoint IPsec VPN.
Just a suggestion.
Helio Santana wrote:
Hi,
First, excuse my English, please.
I'm trying to make a VPN between 2 computers with OpenBSD, each behind a
router that is connected to the Internet (see schema)
Private LAN4 ---- OBSD_4 ---- Router_4 ---- Internet ---- Router_5 ---- OBSD_5 ---- Private LAN5
Every OBSD has 2 net cards, 1 connected to the router and the other to the
hub in the private LAN.
I have made all steps explained in "man vpn".
My private LANs are 192.168.4.0/24 and 192.168.5.0/24. The LANs
between OBSD and the routers are 192.168.41.0/24 and 192.168.51.0/24.
The routers redirect all incoming traffic to their respective OBSD and have
their firewalls disabled.
External IP Router_4 is A.B.C.D, External IP Router_5 is W.X.Y.Z
All computers in LAN4 have access to the Internet and can ping W.X.Y.Z...
I can make an ssh connection from OBSD_4 to OBSD_5... even from a
connection from the Internet.... I can ping, etc.
The only way I have managed to connect the VPN is by configuring the
routers as modems (I don't know what the name of this is in English; in
Spanish, 'monopuesto').
But I need to do it with both routers configured as routers (in Spanish, 'multipuesto').
Thanks in advance,
Helio.
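
The firewall-to-firewall OpenVPN setup suggested in the reply, sketched for the topology in the quoted message. This is an added example, not part of the original thread; the file paths, certificate names, the `_openvpn` account, the tunnel addresses 10.99.0.1/10.99.0.2 and the choice of OBSD_4 as the listening side are assumptions.

```conf
# ---- OBSD_4: listening side (file path is an assumption) ----
# /etc/openvpn/obsd4.conf
dev tun0
proto udp
port 1194                       # Router_4 must forward UDP 1194 to OBSD_4
tls-server
ca   /etc/openvpn/ca.crt        # CA that signed both peers' certificates
cert /etc/openvpn/obsd4.crt
key  /etc/openvpn/obsd4.key     # keep mode 0600, never copy off this host
dh   /etc/openvpn/dh.pem
remote-cert-tls client          # only accept a peer cert issued for client use
ifconfig 10.99.0.1 10.99.0.2    # local / remote tunnel endpoints (constructed)
route 192.168.5.0 255.255.255.0 # reach Private LAN5 through the tunnel
keepalive 10 60                 # also keeps the NAT mapping on the routers alive
persist-key
persist-tun
user  _openvpn                  # drop privileges after start (assumed account)
group _openvpn

# ---- OBSD_5: initiating side ----
# /etc/openvpn/obsd5.conf
dev tun0
proto udp
remote A.B.C.D 1194             # external IP of Router_4, as given in the post
nobind                          # outbound only, no port forward on Router_5
tls-client
ca   /etc/openvpn/ca.crt
cert /etc/openvpn/obsd5.crt
key  /etc/openvpn/obsd5.key
remote-cert-tls server          # refuse a peer that presents a client cert
ifconfig 10.99.0.2 10.99.0.1
route 192.168.4.0 255.255.255.0 # reach Private LAN4 through the tunnel
keepalive 10 60
persist-key
persist-tun
user  _openvpn
group _openvpn
```

In this variant only Router_4 needs to forward UDP 1194, and both OpenBSD hosts need IP forwarding enabled (`net.inet.ip.forwarding=1`) to route between their LAN and the tunnel.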