# MacOS X VPN client vs. FreeBSD IPSec VPN Server



## dyp (Jan 5, 2011)

Hi All,

I would like connect my Mac (snow leopard) from home to my Pro Internet Gateway.
The Gateway is FreeBSD 8.2 rc with multiple network interface, with PF firewall.

Mac Client ---> Internet Box (router mode) ----> Internet ---> Internet Box (bridge mode) ---> ext interface ---> FreeBSD + PF ---> Int interface ---> Enterprise Network

FreeBSD Network Conf:

```
ppp_enable="YES"
ppp_mode="ddial"
#ppp_nat="YES"   # if you want to enable nat for your local network, otherwise N
ppp_profile="wanadoo"

ifconfig_bge1="inet 172.20.xx.y netmask 255.255.255.0"
ftpproxy_enable="YES"
pf_enable="YES"                 # Enable PF (load module if required)
pflog_enable="YES"              # start pflogd(8)
gateway_enable=YES          # Set to YES if this host will be a gateway
```


```
bge1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=8009b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,LINKSTATE>
	ether 00:21:9b:fc:43:11
	inet 172.20.xx.1 netmask 0xffffff00 broadcast 172.20.55.255
	media: Ethernet autoselect (1000baseT <full-duplex,flowcontrol,rxpause,txpause>)
	status: active
pflog0: flags=141<UP,RUNNING,PROMISC> metric 0 mtu 33152
pfsync0: flags=0<> metric 0 mtu 1460
	syncpeer: 224.0.0.240 maxupd: 128
enc0: flags=0<> metric 0 mtu 1536
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1492
	options=80000<LINKSTATE>
	inet a.b.c.d --> xx.xx.xx.xx netmask 0xffffffff 
	Opened by PID 794
```


I wish mount a VPN tunnel with passphrase authentication.
I seen lot of tutos and samples with site to site configuration, but none with remote access.

Is it possible to mount a full IPSec tunnel directly from an OS client to a FreeBSD vpn server?
Then what is the appropriate configuration?

Regards,

David


----------



## SirDice (Jan 7, 2011)

dyp said:
			
		

> I wish mount a VPN tunnel with passphrase authentication.
> I seen lot of tutos and samples with site to site configuration, but none with remote access.
> 
> Is it possible to mount a full IPSec tunnel directly from an OS client to a FreeBSD vpn server?
> Then what is the appropriate configuration?


A site-to-site VPN and a client-to-server VPN are basically the same thing. It's how they are used that makes them different.


----------



## dyp (Jan 8, 2011)

Hi,

Thanks for your response, but on witch parameters shall I modify?

Sorry, but for VPN I'm a newbie.

Regards


----------

