DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 21st October 2010
mikesg's Avatar
mikesg mikesg is offline
I can has a title?
 
Join Date: Aug 2009
Posts: 26
Thanked 1 Time in 1 Post
Default IPSEC VPN endpoint with multiple road warriors

After a lot of reading of man pages, I created a basic IKE IPSEC VPN on OpenBSD 4.7 that works great. I've tested it using the Greenbow and Shrewsoft VPN clients from multiple locations and with multiple simultaneous connections (using the same PSK). I would like to be able to have some sort of authentication method that I can control per user, rather than a global key everyone shares. I'm not sure where to go from here though. Most of what I have read online refers to gateway-to-gateway VPN's with the rest of the responses out of date or RTFM replies. Hoping to find some good direction here. TIA!
__________________
Mike
Reply With Quote
  #2   (View Single Post)  
Old 31st October 2010
mikesg's Avatar
mikesg mikesg is offline
I can has a title?
 
Join Date: Aug 2009
Posts: 26
Thanked 1 Time in 1 Post
Default

Bump. Is it that bad a question? Oo
__________________
Mike
Reply With Quote
  #3   (View Single Post)  
Old 31st October 2010
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,886
Thanked 214 Times in 189 Posts
Default

OK. I've looked again at your original post. I use neither Greenbow nor Shrewsoft, though I have tested with the latter, a long time ago, and used only shared passphrases.

OpenBSD's ISAKMPD implementation allows four different types of key authentication: shared passphrase, host keys, x509 certificates, and keynote certificates. Host keys (without certificates) are shared key pairs, which are most easily used between OpenBSD instances, and that is all I use in production.

See what your software vendors Greenbow and Shrewsoft can provide, and use that.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Need Help Please About IPsec wong_baru FreeBSD Security 2 21st June 2010 08:00 AM
Road Warrior in VPN Purgatory bertonumnum OpenBSD Security 6 13th June 2009 10:53 AM
The road to 2009 TerryP Off-Topic 4 7th January 2009 06:05 PM
IPsec on openbsd hitete OpenBSD Installation and Upgrading 1 12th July 2008 01:57 AM
Multiple IPSEC Tunnel problem RMSZaphod FreeBSD Security 1 28th June 2008 10:08 AM


All times are GMT. The time now is 01:42 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick