Firewall + VPN SERVER

Wil McGilvery wmcgilvery-6d3DWWOeJtE at public.gmane.org
Tue Mar 23 12:54:22 UTC 2004 

I am currently running a version of smoothwall with VPN tunnels for remote access. I have both road warriors (check out http://vpn.ebootis.de/) and connections with Linksys routers (The routers I use function as VPN End Points). 

This setup works very well, but there are two draw backs.

1) I can only use passphrases and not certificates.
2) Rogers does end up changing IP addresses every now and then and I find that every 2 months or so I have to reset the VPN tunnel.

I did have my own firewall with VPN configured before I went with Smoothwall, but I had the same issue with Rogers even with my own setup. (I don't use Rogers at work, but several employees do at home)

If you have people on Bell Sympatico, I would set them up with as a road warrior.

I switched to Smoothwall because it was simple to set up and simple to train my staff how to use it. It is not an extensive firewall and if you want complete control over Intrusion Detection etc, then you are better off building your own or buying a better product.

Regards,

Wil McGilvery
Manager
Lynch Digital Media Inc

         

416-744-7949
416-716-3964 (cell)
1-866-314-4678
416-744-0406  FAX
www.LynchDigital.com


-----Original Message-----
From: Paul Kozlenko [mailto:pkozlenko-bJEeYj9oJeDQT0dZR+AlfA at public.gmane.org] 
Sent: Monday, March 22, 2004 9:41 PM
To: TLUG
Subject: [TLUG]: Firewall + VPN SERVER

Can anybody on this list recommend a firewall distro that also contains
a vpn SERVER.

Looked at Smoothwall and did not see anything that would suggest that it
could be a server. It can make a connection between 2 smoothwall boxes.

I was looking for something where I could have a client on a Window$ PC
establish the vpn connection to a firewall.

One point however. The firewall is on Rogers and therefore has a
semi-fixed IP.  But no control over public DNS as it seems is required
by freeswan (unless I am mistaken).

The simpler the config (or the better the help) the better.

Any help or feedback would be welcome.

Thanks
- Paul

--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml

More information about the Legacy mailing list