Discussion:
Some hints to set up a PPTP or L2TP VPN client under OpenBSD
Add Reply
Максим
2017-12-03 08:27:36 UTC
Reply
Permalink
Raw Message
Hello,
Where can I find any useful information about setting up a VPN client
(PPTP or L2TP) in recent versions of OpenBSD?
Everything I found goes about OpenBSD version 3.8.

--
Best regards
Maxim Rodin
Denis
2017-12-03 10:29:47 UTC
Reply
Permalink
Raw Message
Hi,

Are you going to use OpenBSD as a client of MS Win server using L2TP and
mschap auth?

Thanks.
Post by Максим
Hello,
Where can I find any useful information about setting up a VPN client
(PPTP or L2TP) in recent versions of OpenBSD?
Everything I found goes about OpenBSD version 3.8.
--
Best regards
Maxim Rodin
Максим
2017-12-04 05:21:11 UTC
Reply
Permalink
Raw Message
Hi, Denis.
At the moment I'd like to connect to a Mikrotik router which
was set up as a VPN server.
From Ubuntu and Windows I'm able to connect
using built in solutions.
If there are some differences in MS Windows VPN Server
which I should take into account when connecting
from OpenBSD client, I'd be glad to know them as well.

Thanks in advance.
--
Maxim Rodin
Post by Denis
Hi,
Are you going to use OpenBSD as a client of MS Win server using L2TP and
mschap auth?
Thanks.
 Hello,
 Where can I find any useful information about setting up a VPN client
 (PPTP or L2TP) in recent versions of OpenBSD?
 Everything I found goes about OpenBSD version 3.8.
 --
 Best regards
 Maxim Rodin
Stuart Henderson
2017-12-04 11:36:12 UTC
Reply
Permalink
Raw Message
Post by Максим
Hi, Denis.
At the moment I'd like to connect to a Mikrotik router which
was set up as a VPN server.
From Ubuntu and Windows I'm able to connect
using built in solutions.
If there are some differences in MS Windows VPN Server
which I should take into account when connecting
from OpenBSD client, I'd be glad to know them as well.
OpenBSD has built-in support for IPsec client and server (IKEv1: isakmpd,
IKEv2: iked). L2TP and PPTP *servers* are also built in (npppd), but not
clients.

MikroTik do have IKEv1 and IKEv2 support. If it works, IKEv2 is likely to
be the best option (I don't have an MT box to test with at the moment).
Information about setting up their side:
https://wiki.mikrotik.com/wiki/Manual:IP/IPsec#Road_Warrior_setup_Ikev2_RSA_auth

If you are forced to use something else, there is some support for L2TP
via xl2tpd (in packages), but it's a bit messy. If you need to resort to
this, use the version from -current ports, and see the pkg-readme.
Loading...