From owner-FreeBSD-users-jp@jp.freebsd.org  Mon Jun  5 06:45:46 2000
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id GAA50689;
	Mon, 5 Jun 2000 06:45:46 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from Pismo.QIX.ORG (project.qix.org [210.154.1.108])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id GAA50684
	for <FreeBSD-users-jp@jp.freebsd.org>; Mon, 5 Jun 2000 06:45:44 +0900 (JST)
	(envelope-from ogata@isp.qix.org)
Received: from localhost (Librettot.Apple.QIX.ORG [172.21.139.23])
	by Pismo.QIX.ORG (8.8.8/3.7W) with ESMTP id GAA25387;
	Mon, 5 Jun 2000 06:45:40 +0900 (JST)
Message-Id: <200006042145.GAA25387@Pismo.QIX.ORG>
To: FreeBSD-users-jp@jp.freebsd.org
Cc: ogata@isp.qix.org
From: OGATA <ogata@isp.qix.org>
In-Reply-To: <20000601041022A.ume@mahoroba.org>
References: <20000601014939D.chihiro@hokari.kashiwazaki.niigata.jp>
	<200005311710.CAA16549@Pismo.QIX.ORG>
	<20000601041022A.ume@mahoroba.org>
X-Mailer: Mew version 1.94.1 on XEmacs 21.1 (Canyonlands)
X-fingerprint: C3 E7 5D 30 E5 A0 19 99  CE 9D CC 26 79 F3 AD C1
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Date: Mon, 05 Jun 2000 06:44:37 +0900
X-Dispatcher: imput version 990905(IM130)
Lines: 75
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+000315
X-Sequence: FreeBSD-users-jp 52233
Subject: [FreeBSD-users-jp 52233] Re: [Q] IPSec
 =?ISO-2022-JP?B?GyRCJE48Qjg9Sn1LIRsoQg==?= 
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org
X-Originator: ogata@isp.qix.org

$B=oJ}$G$9!#(B

From: Hajimu UMEMOTO ($BG_K\(B $BH%(B) <ume@mahoroba.org>
Subject: [FreeBSD-users-jp 52165] Re: [Q] IPSec $B$N<B8=J}K!(B 
Date: Thu, 01 Jun 2000 04:10:22 +0900
Message-ID: <20000601041022A.ume@mahoroba.org>

>   $BF|K\8l$N%I%-%e%a%s%H$,$"$k$N$+$I$&$+$O;DG0$J$,$iCN$j$^$;$s!#(B
>   stunnel $B$O(B SSL $B%H%s%M%k$r9T$&$?$a$N%D!<%k$G$9!#;d$bNI$/;H$C$F$$$^$9!#(B
> $BN`;wIJ$H$7$F!"(Bbjorb $B$,$"$j$^$9!#$3$C$A$O9q;:!#(B
>   $B4JC1$K8@$&$H!"(Bstunnel $B$O(B SSL $B$r;H$C$?%"%W%j%1!<%7%g%s%l%Y%k$G$N%H%s(B
> $B%M%j%s%0$G$9!#BP$7$F!"(BIPsec $B$O(B IP $B%l%Y%k$G0E9f2=$7$^$9!#(B

$B@bL@$"$j$,$H$&$4$6$$$^$9!#(B

$B$H$3$l$@$1$8$c$"$s$^$j$J$N$G(B Very nice FAQ for stunnel $B$N(B 6. Examples of
 running stunnel $B$N(B Setting up PPP over stunnel (Make your own VPN) $B$N9`$r(B
$BLu$7$F$_$^$7$?!#<B:]$K;n$7$F$O$$$J$$$N$G;29MDxEY$K$I$&$>!#(B
# $BLu$N$D$C$3$_4?7^(B :-) $B$b$A$m$sE,@Z$JLuIU$-$r4|BT!#(B



--- $B$3$3$+$i(B ---

Setting up PPP over stunnel (Make your own VPN)
stunnel $B>e$G(B PPP $B$r9T$J$&@_Dj(B (VPN $B$N:n$jJ}(B)

  o Set up your ppp configuration as you would if you were just using a
 normal dialup connection, including any passwords required. 
  $B%Q%9%o!<%I$NMW5a$,4^$^$l$?IaDL$N%@%$%d%k%"%C%W@\B3$r;H$&$J$i(B ppp $B$N@_Dj$r(B
$B9T$J$$$^$9!#(B

    There is no step-by-step description I can give for you here, as this
 is different from OS to OS. Working submissions encouraged. 
    OS $B4V$K$h$C$F(B($B@_DjJ}K!$,(B)$B0[$J$k$N$G$3$3$G$OCJ3,E*$J5-=R$r<($9$3$H$,(B
$B$G$-$^$;$s!#?d>)$9$k=g=x$O:n@.Cf$G$9!#(B
  o Read about setting up stunnel on the previous pages. 
    $BA0%Z!<%8$N(B stunnel $B$N@_Dj$rFI$s$G$/$@$5$$!#(B
  o Set up stunnel on the server in either daemon or inetd mode with the
 following meta-arguments: 
    $B%5!<%P>e$G$N(B stunnel $B$N@_Dj$O(B daemon $B$H(B inetd $B%b!<%I$N$I$A$i$+$G0J2<$N(B
$BJQ2=0z?t$rH<$&!#(B

      (stunnel) (stunnel args)  -L /dir/to/pppd -- pppd local

    for example
    $BNc(B
    stunnel -d 5555 -v 1 -D 7 -L /usr/sbin/pppd -- pppd local 

  o Run stunnel on the client with the following meta-arguments: 
    $B%/%i%$%"%s%H>e$G(B stunnel $B$N<B9T$K$O0J2<$NJQ2=0z?t$rH<$&!#(B  

      (stunnel) (stunnel args)  -L /dir/to/pppd -- pppd local
             
    for example
    $BNc(B
    stunnel -c -r remote:5555 -D 7 -L /usr/sbin/pppd -- pppd local 

You could also look at this
 URL(http://www.inka.de/~bigred/sw/ssh-ppp-new.txt) which describes setting
 up ppp over an ssh connection. Setting up ppp over stunnel is similar. 
ssh $B@\B3>e$N(B ppp $B$N@_Dj$r=R$Y$F$$$k$3$N(B
 URL(http://www.inka.de/~bigred/sw/ssh-ppp-new.txt) $B$G$b@_Dj$r8+$k;v$,$G$-$k!#(B

If anyone specific implementations they'd like to share, complete with
 how to set up pppd on your OS), please inform the FAQ Maintainer and
 I'll make them available. 
$B$b$7!"$=$l$i$,;}$DFCDj$N<BAu$N6&M-$r9%$`$J$i!"(BOS $B$N(B pppd $B$N@_Dj$NJ}K!$r(B
$B40@.$5$;$F(B FAQ $B4IM}<T$KO"Mm$7$F$=$l$i$rMxMQ$G$-$k$h$&$K$7$F$[$7$$!#(B

--- $B$3$3$^$G(B ---



OGATA Hiroshi <ogata@isp.qix.org>
