Firewall + VPN SERVER

Akshay Lamba alamba-KEM+DXFYpnDQT0dZR+AlfA at public.gmane.org
Tue Mar 23 15:53:08 UTC 2004


Try freeswan Paul. The IP change from rogers should'nt make much of a
difference if they're only changing it once in a couple of months.
Configuring it is pretty easy via webmin though a bit of work needs to
go in for roadwarrior connections. (http://vpn.ebootis.de/    helps in
roadwarrior connections.) I have this implemented in my corporate head
office and it seems to work fine. Ofcourse it's no where close to a
cisco vpn box in terms of flexibility and ease of
use/implementation/debugging.

Regards,
Akshay



-----Original Message-----
From: owner-tlug-lxSQFCZeNF4 at public.gmane.org [mailto:owner-tlug at ss.org] On Behalf Of Wil
McGilvery
Sent: Tuesday, March 23, 2004 6:24 PM
To: tlug-lxSQFCZeNF4 at public.gmane.org
Subject: RE: [TLUG]: Firewall + VPN SERVER

I am currently running a version of smoothwall with VPN tunnels for
remote access. I have both road warriors (check out
http://vpn.ebootis.de/) and connections with Linksys routers (The
routers I use function as VPN End Points). 

This setup works very well, but there are two draw backs.

1) I can only use passphrases and not certificates.
2) Rogers does end up changing IP addresses every now and then and I
find that every 2 months or so I have to reset the VPN tunnel.

I did have my own firewall with VPN configured before I went with
Smoothwall, but I had the same issue with Rogers even with my own setup.
(I don't use Rogers at work, but several employees do at home)

If you have people on Bell Sympatico, I would set them up with as a road
warrior.

I switched to Smoothwall because it was simple to set up and simple to
train my staff how to use it. It is not an extensive firewall and if you
want complete control over Intrusion Detection etc, then you are better
off building your own or buying a better product.

Regards,

Wil McGilvery
Manager
Lynch Digital Media Inc

         

416-744-7949
416-716-3964 (cell)
1-866-314-4678
416-744-0406  FAX
www.LynchDigital.com


-----Original Message-----
From: Paul Kozlenko [mailto:pkozlenko-bJEeYj9oJeDQT0dZR+AlfA at public.gmane.org] 
Sent: Monday, March 22, 2004 9:41 PM
To: TLUG
Subject: [TLUG]: Firewall + VPN SERVER

Can anybody on this list recommend a firewall distro that also contains
a vpn SERVER.

Looked at Smoothwall and did not see anything that would suggest that it
could be a server. It can make a connection between 2 smoothwall boxes.

I was looking for something where I could have a client on a Window$ PC
establish the vpn connection to a firewall.

One point however. The firewall is on Rogers and therefore has a
semi-fixed IP.  But no control over public DNS as it seems is required
by freeswan (unless I am mistaken).

The simpler the config (or the better the help) the better.

Any help or feedback would be welcome.

Thanks
- Paul

--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml

--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml





More information about the Legacy mailing list