Re: VPN suggestions

2013-11-12 Thread Marios Makassikis
On 12 November 2013 20:42, Kapetanakis Giannis wrote: > On 12/11/13 19:29, Daniel Polak wrote: >> >> Original message from Kapetanakis Giannis at 8-11-2013 13:38 >>> >>> I would like to discuss some suggestions about VPN to multiple road >>> warriors. >>> >>> So far we're using OpenVPN, but I

Re: VPN suggestions

2013-11-12 Thread Daniel Polak
Original message from Kapetanakis Giannis at 12-11-2013 20:42 > >>> So far we're using OpenVPN, but I want to change that or at maybe >>> offer L2TP/IPsec in addition to OpenVPN. >> Have you considered using isakmpd? > > Yes my test implementation was with isakmpd and npppd. The problem is > t

Re: VPN suggestions

2013-11-12 Thread Marc Epstein
Ugh...please disregard my signature...it was auto added onstupid me *Marc* On Tue, Nov 12, 2013 at 2:54 PM, Marc Epstein < marc.epst...@tightropeinteractive.com> wrote: > Hi > > Just wanted to chime in on my experience with PKI...like you guys said, > initially I found it to be a PITA espec

Re: VPN suggestions

2013-11-12 Thread Marc Epstein
Hi Just wanted to chime in on my experience with PKI...like you guys said, initially I found it to be a PITA especially combining it with site to site tunneling (using ISAKMPD). But after getting the configs down and on the client side using Shrew VPN client (if there is something else out there b

Re: VPN suggestions

2013-11-12 Thread Kapetanakis Giannis
On 12/11/13 19:29, Daniel Polak wrote: Original message from Kapetanakis Giannis at 8-11-2013 13:38 I would like to discuss some suggestions about VPN to multiple road warriors. So far we're using OpenVPN, but I want to change that or at maybe offer L2TP/IPsec in addition to OpenVPN. Have

Re: VPN suggestions

2013-11-12 Thread Daniel Polak
Original message from Kapetanakis Giannis at 8-11-2013 13:38 > I would like to discuss some suggestions about VPN to multiple road > warriors. > > So far we're using OpenVPN, but I want to change that or at maybe > offer L2TP/IPsec in addition to OpenVPN. Have you considered using isakmpd? >

Re: VPN suggestions

2013-11-11 Thread YASUOKA Masahiko
On Sun, 10 Nov 2013 02:31:39 +0200 Kapetanakis Giannis wrote: > On 08/11/13 17:50, YASUOKA Masahiko wrote: >>> What I'm wondering is what you guys do to setup the ipsec path of the >>> tunnel. >>> >>> One option is to use a unique pre-shared key for all clients. But this >>> is probably insecure s

Re: VPN suggestions

2013-11-09 Thread Kapetanakis Giannis
On 08/11/13 17:50, YASUOKA Masahiko wrote: EAP-TLS would also be a very nice feature to have. Do you mean npppd should *directly* authenticate the clients with the TLS (certificates)? I think it is a bad idea. Npppd should support `EAP via RADIUS'. After it supports the `EAP via RADIUS', it wi

Re: VPN suggestions

2013-11-08 Thread YASUOKA Masahiko
On Fri, 08 Nov 2013 14:38:33 +0200 Kapetanakis Giannis wrote: > Playing around with npppd was straight forward and I was quite > impressed with it. Good job. Thanks. > EAP-TLS would also be a very nice feature to have. Do you mean npppd should *directly* authenticate the clients with the TLS (c

Re: VPN suggestions

2013-11-08 Thread Jiri B
On Fri, Nov 08, 2013 at 02:38:33PM +0200, Kapetanakis Giannis wrote: > Hi, > > I would like to discuss some suggestions about VPN to multiple road > warriors. > > So far we're using OpenVPN, but I want to change that or at maybe > offer L2TP/IPsec in addition to OpenVPN. > > Playing around with

VPN suggestions

2013-11-08 Thread Kapetanakis Giannis
Hi, I would like to discuss some suggestions about VPN to multiple road warriors. So far we're using OpenVPN, but I want to change that or at maybe offer L2TP/IPsec in addition to OpenVPN. Playing around with npppd was straight forward and I was quite impressed with it. Good job. EAP-TLS

Re: VPN suggestions and advise for clean sheet setup

2008-03-02 Thread Brett Lymn
On Fri, Feb 29, 2008 at 04:09:01PM -0500, Daniel Ouellet wrote: > > Requirements are to sadly connect Windows users back to a network and I > want that box to be OpenBSD, or multiples OpenBSD boxes to get full > network access from these connections. Multiple at once and I try to > keep the man

Re: VPN suggestions and advise for clean sheet setup

2008-02-29 Thread Alexey Vatchenko
On 2008-02-29, Daniel Ouellet <[EMAIL PROTECTED]> wrote: > Three needs, providing access to remote Window users, browser, etc. > > And if possible in some cases providing specific network access via VPN > (tunnel, or what not) to remote office. > > Last, would be to provide streaming access via a

VPN suggestions and advise for clean sheet setup

2008-02-29 Thread Daniel Ouellet
Hi, I have been looking into this for some time, but there is so many different setup possible that unless you have one and are force to continue using it, one wouldn't know witch way to go. I try to keep it as simple and clean as possible, so if you start with a clean sheet and no restricti