On Fri, 30 Nov 2007, Khalid Schofield wrote:
Hi, I'd like to make a VPN Concentrator using openbsd. I want users to be able to authenticate using usernames and passwords and to either nat the users or give them an ip from our main dhcp server via a bridge.
That's a tall order. In Cisco-land a VPNC3000k will run you $5k plus SMARTNet. You'll need isakmpd(8) policies. You'll need dhclient-server relay support. You'll need XAuth authentication (Possibly via PAM). You'll need IPSEC NAT-T. Maybe tie it all together with LDAP and PKI.
