Ryan McBride mcbride at COUNTERSIEGE.COM
Sun Jan 7 20:18:14 EST 2001

On Sat, Jan 06, 2001 at 01:35:27PM -0800, Baumgardner, James wrote:
> I'm wanting to setup a VPN to connect my main office to 2 smaller branch
> ofices.  I'm going to use OpenBSD to connect them, but I am at a loss on
> how to allow individual dial-up people in the field to connect to the VPN.
> Can anyone recommend a good client software, and some help on configuring
> the server side to allow connections?  I've read up enough to do the
> static connections, but can't seem to figure out the others.

The OpenBSD IPSec FAQ has a lot of good information, including a list
of windows clients:


I have had good experiences (both with OpenBSD and other VPN Gateways)
with the SafeNet Soft-PK client (The same client listed as Cisco IRE
in the above FAQ.)


Last time I checked there was a good description of setting up a
dial-up client using x509 authentication with OpenBSD at but I can't seem to connect to
this server now. Maybe it'll be up by the time you get this :-)

Here is some information on making it work with Win2K's IPSEC, using
shared secrets:

There are also some gems of information in the OpenBSD misc@ and tech@
mailing list archives. You might want to do some searching yourself,
but I found this with a quick search:

That's all I could think of off the top of my head; I don't have my
configuration files for the SafeNet Soft-PK client, but I can dig
those up if you're interested.


Ryan McBride - mcbride at
Systems Security Consultant
Countersiege Systems Corporation -

VPN is sponsored by SecurityFocus.COM

More information about the VPN mailing list