On Wed, Aug 31, 2011 at 6:30 PM, Wesley M. <open...@e-solutions.re> wrote:
> What is the best way to build a vpn between an OpenBSD 4.9 gateway
> and a Win7 workstation?

I got this working here on our network, both for Win7 and Ubuntu
clients going to an OpenBSD gateway.

On the gateway, have /etc/ipsec.conf say something like

# roadwarrior
ike passive esp from any to gateway.ip.address peer any psk your-rand0m-password-here
ike passive esp from gateway.ip.address to any psk your-rand0m-password-here

And on your Win7 client, get Shrew VPN[0] and add a configuration with
the following auth:

Phase 1:
  - Exchange type: main
  - DH Exchange: group 2
  - Cipher algorithm: aes
  - Cipher key length: 256 Bits
  - Hash algorithm: sha1

Phase 2:
  - Transform length: aes
  - Transform key length: 256 Bits
  - HMAC algorithm: sha1
  - PFS Exchange: group 2
  - Compression algorithm: deflate

Policy:
  - add a topology entry that matches your internal network

[0]  http://www.shrew.net/download/vpn

--
Zak B. Elep || orangeandbronze.com
1486 7957 454D E529 E4F1  F75E 5787 B1FD FA53 851D
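
A check for two ways the gateway rules above go wrong when copied out of a mail: the `psk` value wrapped onto its own line, and the stand-in secret left in place. This is an added example, not part of the original message; `check_psk_rules`, the finding codes and the 20-character minimum are assumptions, and the sample text is constructed from the rules quoted above.

```python
import shlex

# Constructed sample in the shape of the rules above; the first rule is
# wrapped after "psk" the way a mail client breaks a long line.
SAMPLE = """\
# roadwarrior
ike passive esp from any to gateway.ip.address peer any psk
your-rand0m-password-here
ike passive esp from gateway.ip.address to any psk your-rand0m-password-here
"""
PLACEHOLDER = "your-rand0m-password-here"  # stand-in secret used in the mail
MIN_PSK_LEN = 20                           # assumed local policy, not an OpenBSD rule

def logical_lines(text):
    """Join backslash-continued lines; yield (first_lineno, tokens)."""
    buf, start = "", 0
    for n, raw in enumerate(text.splitlines(), 1):
        start = start or n
        if raw.endswith("\\"):
            buf += raw[:-1] + " "
            continue
        tokens = shlex.split(buf + raw, comments=True)  # drops '#' comments
        if tokens:
            yield start, tokens
        buf, start = "", 0

def check_psk_rules(text):
    """Return (lineno, code) findings for the ike ... psk rules in the text."""
    findings = []
    for lineno, tok in logical_lines(text):
        if tok[0] != "ike" or "psk" not in tok:
            continue  # other rule types and stray lines are out of scope
        i = tok.index("psk")
        if i == len(tok) - 1:
            # Rule ends at the keyword: the secret was wrapped or dropped.
            findings.append((lineno, "psk-missing"))
            continue
        secret = tok[i + 1]
        if secret == PLACEHOLDER:
            findings.append((lineno, "psk-placeholder"))
        elif len(secret) < MIN_PSK_LEN:
            findings.append((lineno, "psk-short"))
        if "peer" in tok[:i] and tok[tok.index("peer") + 1] == "any":
            # One secret accepted from any peer: every client holds the same key.
            findings.append((lineno, "psk-shared-by-any-peer"))
    return findings

if __name__ == "__main__":
    for lineno, code in check_psk_rules(SAMPLE):
        print(f"line {lineno}: {code}")
```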
