Randomly assuming a bunch of stuff, what you could do is to swap from "router mode" to "access point" mode on the router. Connect the router to the OpenBSD box. Enable dhcpd, authpf and IPsec on the NIC connected to the access point. You could even make it an open wifi network, since no unauthorized traffic will pass anyway due to authpf.
To make the IPsec configuration mega-easy with dhcp, you could assign "fixed" dhcpd-IPs based on MACs. Note that anyone would be able to get a certain IP as long as the corresponding MAC is presented.
|