Jun Salen wrote: > I just want to know what are the requirement to > implement VPN. Any other suggestion for other > technology? What I want is to connect small remote > office to main office. What type of connection do I > need? E1, DSL or Dial-up?
Short answer: no minimum. I've successfully run both IPSEC and OpenVPN-based VPNs on everything from dialup to gigabit fiber and much of what is in between. Longer answer: it depends on what you want to do. If you want to be able to do stuff like secure VoIP or video conferencing over your VPN then clearly, both ends of the VPN must have enough bandwidth to actually support the application without the VPN, and a little extra because the use of the VPN will add latency and reduce your bandwidth due to the overhead of encrypting and decrypting packets on both ends. If all you need to do is do simple stuff like looking at internal websites, transferring files between branch offices, or sending internal e-mail between both of them without your unencrypted mail traveling over the Internet, you should be fine no matter what type of connection you have, as long as it is reasonably reliable. > Can I implement this using > just dial-up connection or just a DSL connection as > minimum requirements. I want to implement this using > Linux, what software do I need? Can anybody suggest > please. Thanks. The easiest and most reasonably secure VPN software I know of for GNU/Linux is OpenVPN [1]. Its protocol is based on the SSL/TLS protocol which gives it a bit more credibility on the security front than other nonstandard VPN protocols that have been proposed. IPsec is the Internet standard VPN protocol, and should be used if you're trying to interoperate with existing VPN router/firewall devices or want better overall security, as this has undergone a lot more security analysis than OpenVPN has. It is, for now however, much more difficult to configure than OpenVPN, and has problems operating under certain circumstances (e.g. if one end of the VPN tunnel you're trying to make is behind a firewall or NAT). The canonical IPsec implementation for GNU/Linux is openswan [2]. [1] http://openvpn.net/ [2] http://www.openswan.org/ -- You do know that facts have a strong liberal bias... http://stormwyrm.blogspot.com/ _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List plug@lists.linux.org.ph (#PLUG @ irc.free.net.ph) Read the Guidelines: http://linux.org.ph/lists Searchable Archives: http://archives.free.net.ph
