You should really look at
http://www.astaro.com. It does exactly what
you want to do. There is a free hobbyist license too.
On Wed, 14 Jan 2004, Craig White wrote:
> I was planning on using Smoothwall to set up as a firewall router for a
> clients' network - I had used it in the past with some success. I have
> come to realize that their opensource release doesn't support multiple
> external ip addresses and that is a requirement.
>
> Part of the functionality I am looking for is to permit some users to
> work from home and Windows clients can use L2TP/IPSec to VPN into the
> lan and spent some time examining the documentation for this on
> Microsoft's web site. I could always use 1 or more of the WinXP
> Professional Workstations to handle the VPN connections but these
> machines would have to be on 24/7, are limited to 3 concurrent
> connections (I may never exceed this, but if it's as popular as I think
> it will be, I might need to exceed this) and then there's the whole
> issue of logging and security that is most difficult to monitor.
>
> Thus, I am revisiting the entire option of firewall/router and FreeS/wan
> and I am wondering:
>
> 1 - Is there an open source package that includes support for
> kernel/freeS/wan updates that I could use and still be able to dmz
> multiple external ip addresses?
>
> 2 - Is anyone currently doing this? Any recommendations? If I use say a
> Red Hat distro, every time there is a kernel security errata (a little
> too frequently these days), I would have to either rebuild the kernel or
> rebuild the freeS/wan module - a PITA (makes a ClarkConnect system for
> $125 look attractive).
>
> 3 - Is there any web pages / info that can tell me how to use openssl to
> create certificates which are acceptable to Windows 2000/XP clients that
> I can give to remote clients to use to authenticate themselves with
> freeS/wan or should I stay with PSK?