101TECH

I am using Bill Shuff's toaster patch ( thanks bill , you rule ! ) , for some reason make cert did not work. I create the certs manually :

#openssl req -newkey rsa:1024 -x509 -nodes -days 3650 -out servercert.pem -keyout servercert.pem

qmail did show TLS up but i got an error : 

#openssl s_client -debug -crlf -starttls smtp -connect localhost:25
50883:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s23_clnt.c:562:

scratching my head around the net I found this and run :

#openssl ciphers > /var/qmail/control/tlsclientciphers #openssl ciphers > /var/qmail/control/tlsserverciphers 

which fixed it all: 

#openssl s_client -crlf -starttls smtp -connect localhost:25

CONNECTED(00000003)

If you have more then one subnet behind your vpn you need to add the following to your vpn.conf :

route-method exe

and make sure you run openvpn as an administrator

I have the intel 2200bg wirelss card and used the iwi-firmware .

Load modules at boot :

vi /boot/loader.conf
if_iwi_load=”YES”
wlan_load=”YES”
firmware_load=”YES”
legal.intel_iwi.license_ack=1

configure iwi network options :

vi /etc/rc.conf
ifconfig_iwi0=”WPA DHCP”

configure WPA settings :

vi /etc/wpa_supplicant.conf
ctrl_interface_group=0
network={
ssid=”ssid”
key_mgmt=WPA-PSK
psk=”shared-key”
}