[ previous ] [ next ] [ threads ]
 
 From:  "Magne Andreassen" <magne dot andreassen at bluezone dot no>
 To:  "'Greg Sims'" <greg underscore sims at earthlink dot net>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] IPSEC from Dial-Up
 Date:  Tue, 21 Oct 2003 21:45:13 +0200
Greg Sims wrote:
> I need to configure m0n0wall so we can access the router
> while we're on the road using a dial-up account.  We would
> like to use IPSEC to provide a secure connection into the router.  Is
> this possible? 
> 
> I need to understand how to configure the following couple of fields
> in m0n0wall: 
> 
> 	Remote Subnet: ??
> 	Remote Gateway: ??
> 
What kind of clients are you using? If windoze, then i would recommend
you consider using PPTP. Easy to setup both on your winbox and m0n0wall.
Only thing you need to do is enable PPTP server in m0n0wall, fill in the
server address and remote address range. If you are running a radius
server on you LAN(eg. MS IAS), you get a central managment of your user
accounts. If not, use m0n0wall's built-in user account and add users to
it.
Now on your windoze machine, add a new network connection and choose 
"Connect to a private network(VPN)" and fill in the ip-address of 
m0n0walls WAN interface(or FQDN).
Checking "Require 128-bit encryption" on the PPTP properties page on
m0n0wall enabels clients to use 128-bits encryption when connecting.
(unencrypted connections will not be accepted)

With this setup, you dont have to worry about remote subnet or gateway
since a client can connect via VPN from any ip as long as the username
and password is accepted.


Magne