Re: VPN - Which way to go?
Alphons Fonz van Werven wrote: Howdy people, I need to setup a VPN connection to the university's network. Now, there's a chapter in the handbook about VPN over IPsec and there seems to be this thing called OpenVPN in the ports collection. Which is the better way to go? The handbook still seems only to describe how to do IPSEC over a gif tunnel. I've no idea what the point of that is, but AFAIK, it means you can only use that method to connect two FreeBSD machines. Assuming your university is using IPSEC, then here's a few links I found useful is setting up IPSEC and racoon to connect, in this case, to a Sonic Wall. http://www.mail-archive.com/[EMAIL PROTECTED]/msg19089.html http://www.lacave.net/~fred/racoon/config.html http://www.netbsd.org/docs/network/ipsec/ You could also investigate http://m0n0.ch/wall/ if you want a dedicated firewall that's IPSEC capable. Never tried it myself, though, just found links while investigating IPSEC. --Alex ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: VPN - Which way to go?
I need to setup a VPN connection to the university's network. Now, there's a you mean VPN client or client server. first case - ask what kind of VPN do they use, probably they will know about unix client second case - use ports/net/vtun if you use unix only, ports/net/mpd - windoze compatible VPN - you use standard windoze VPN client (VPN card). ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: VPN - Which way to go?
I am not an expert in Internet security but it seems to me that IPsec is way to go if you are serious about VPN. and vtun? it uses it's own protocol but it's fast, efficient, and very easy to use. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
VPN - Which way to go?
Howdy people, I need to setup a VPN connection to the university's network. Now, there's a chapter in the handbook about VPN over IPsec and there seems to be this thing called OpenVPN in the ports collection. Which is the better way to go? All I need is to obtain an IP address within the university's IP range (because otherwise I can't use their outgoing STMP), that's all. So as simple a solution as possible would be preferred. Suggestions are welcome. Alphons -- All right, that does it Bill [Donahue]. I'm pretty sure that killing Jesus is not very Christian. -- pope Benedict XVI, South Park episode #158 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: VPN - Which way to go?
On Wed, 5 Mar 2008 at 23:21 -, [EMAIL PROTECTED] confabulated: Howdy people, I need to setup a VPN connection to the university's network. Now, there's a chapter in the handbook about VPN over IPsec and there seems to be this thing called OpenVPN in the ports collection. Which is the better way to go? All I need is to obtain an IP address within the university's IP range (because otherwise I can't use their outgoing STMP), that's all. So as simple a solution as possible would be preferred. Suggestions are welcome. We have a Cisco VPN set up where our servers are being colocated. I'm using vpnc: /usr/ports/security/vpnc The configuration file has IPSec set up using its parameters: IPSec gateway IPSec ID IPSec obfuscated secret Don't know if this helps or not. - _|_ |_| | ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: VPN - Which way to go?
On Wednesday 05 March 2008 06:21:47 pm Alphons Fonz van Werven wrote: I need to setup a VPN connection to the university's network. Now, there's a chapter in the handbook about VPN over IPsec and there seems to be this thing called OpenVPN in the ports collection. Which is the better way to go? All I need is to obtain an IP address within the university's IP range (because otherwise I can't use their outgoing STMP), that's all. So as simple a solution as possible would be preferred. Unless you control a machine on the university side you'll have to use something interoperable with their setup. I think OpenVPN is great and use it regularly, but as far as I know it only interoperates with OpenVPN, and I'd be surprised if your university were using it. See what you can find out about the setup on the other side. If they have some sort of generic setup guide for Windows users you can probably deduce from that. If it's a straight PPTP VPN (like you'd use with Windows' dial-up networking sans IPSEC) you can use net/poptop. If they require some kind of client then you may or may not be able to get it to work, but do ask again if you learn more about what's on the other side and get stuck. JN ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: VPN - Which way to go?
John Nielsen wrote: I think OpenVPN is great and use it regularly, but as far as I know it only interoperates with OpenVPN, and I'd be surprised if your university were using it. Well, it seems like OpenVPN works for the Linux guys here... But anyway, I'll go ask around about the exact setup. Thanks, Alphons -- All right, that does it Bill [Donahue]. I'm pretty sure that killing Jesus is not very Christian. -- pope Benedict XVI, South Park episode #158 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: VPN - Which way to go?
Alphons Fonz van Werven wrote: John Nielsen wrote: I think OpenVPN is great and use it regularly, but as far as I know it only interoperates with OpenVPN, and I'd be surprised if your university were using it. Well, it seems like OpenVPN works for the Linux guys here... But anyway, I'll go ask around about the exact setup. I do not know if you guys received my original message so I will repeat. IPsec is part of IPv6 security enchantment which is back ported to IPv4. OpenVPN is open source project released under GPL license which is not fully compliant VPN protocol (not compliant with IPsec) but easy to configure. Unless all of your client machines use OpenVPN you will be in big troubles. Cisco VPN is a joke and there is published algorithm how to brake into it. If you do not believe me follow the link http://www.unix-ag.uni-kl.de/~massar/bin/cisco-decode All above being said Cisco 3000 is very popular and it looks good in the eyes of management. I am not an expert in Internet security but it seems to me that IPsec is way to go if you are serious about VPN. Cheers, Predrag P. S. Make no mistake. OpenVPN has nothing to do with OpenBSD project. As a matter of fact OpenBSD guys highly favor IPsec over OpenVPN. Thanks, Alphons ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
