Re: Recommended way to setup an encrypted tunnel (a VPN)
On Wed, Jul 11, 2001 at 11:52:24AM -0500, Jeremy Gaddis [EMAIL PROTECTED] wrote a message of 42 lines which said: I said that IPSec was probably the best way because it's a standard protocol, with companies such as Microsoft and Cisco supporting it Well, to set up a tunnel, standardization is not really important, since you typically control both ends. And GRE is standard, too (but it does not provide encryption). -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Recommended way to setup an encrypted tunnel (a VPN)
On Tue, Jul 10, 2001 at 11:25:24AM -0500, Jeremy Gaddis [EMAIL PROTECTED] wrote a message of 42 lines which said: Using an IPSec VPN is probably the best way to do it. Why? (This is a real question: I see *many* solutions but I wonder why I would choose one above the others.) FreeS/WAN (http://www.freeswan.org) is a Linux implementation of IPSec, but it's not the easiest thing in the world to How do you compare it to other IPsec implementations such as pipsecd? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
RE: Recommended way to setup an encrypted tunnel (a VPN)
I said that IPSec was probably the best way because it's a standard protocol, with companies such as Microsoft and Cisco supporting it and it's supposed to be built into IPv6 if/when we ever see that. As for how it compares, I have no idea. FreeS/WAN is the only implementation of IPSec I've used so I won't try to say that it's better or worse than any other implementation. j. -- Jeremy L. Gaddis [EMAIL PROTECTED] -Original Message- From: Stephane Bortzmeyer [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 11, 2001 3:17 AM To: Jeremy Gaddis Cc: [EMAIL PROTECTED] Subject: Re: Recommended way to setup an encrypted tunnel (a VPN) On Tue, Jul 10, 2001 at 11:25:24AM -0500, Jeremy Gaddis [EMAIL PROTECTED] wrote a message of 42 lines which said: Using an IPSec VPN is probably the best way to do it. Why? (This is a real question: I see *many* solutions but I wonder why I would choose one above the others.) FreeS/WAN (http://www.freeswan.org) is a Linux implementation of IPSec, but it's not the easiest thing in the world to How do you compare it to other IPsec implementations such as pipsecd? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Recommended way to setup an encrypted tunnel (a VPN)
On Tue, Jul 10, 2001 at 01:05:48PM -0400, Theodore Knab [EMAIL PROTECTED] wrote a message of 73 lines which said: If you want an easy way to setup IPsec, contact a network security consultant that understands it. No, I don't want an easy way, I want opinions and pointers. If this is not feasible or you want to do it yourself, start reading. I've found already many documents, which I mentioned in my first message. The problem is that there is almost no comprehensive comparison. Here is an intro to VPN http://www.synthcom.com/~val/cs510/termpaper.htm Which does not even mention GRE or SSH+PPP...
Re: Recommended way to setup an encrypted tunnel (a VPN)
On Tue, Jul 10, 2001 at 11:25:24AM -0500, Jeremy Gaddis [EMAIL PROTECTED] wrote a message of 42 lines which said: Using an IPSec VPN is probably the best way to do it. Why? (This is a real question: I see *many* solutions but I wonder why I would choose one above the others.) FreeS/WAN (http://www.freeswan.org) is a Linux implementation of IPSec, but it's not the easiest thing in the world to How do you compare it to other IPsec implementations such as pipsecd?
RE: Recommended way to setup an encrypted tunnel (a VPN)
I said that IPSec was probably the best way because it's a standard protocol, with companies such as Microsoft and Cisco supporting it and it's supposed to be built into IPv6 if/when we ever see that. As for how it compares, I have no idea. FreeS/WAN is the only implementation of IPSec I've used so I won't try to say that it's better or worse than any other implementation. j. -- Jeremy L. Gaddis [EMAIL PROTECTED] -Original Message- From: Stephane Bortzmeyer [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 11, 2001 3:17 AM To: Jeremy Gaddis Cc: debian-isp@lists.debian.org Subject: Re: Recommended way to setup an encrypted tunnel (a VPN) On Tue, Jul 10, 2001 at 11:25:24AM -0500, Jeremy Gaddis [EMAIL PROTECTED] wrote a message of 42 lines which said: Using an IPSec VPN is probably the best way to do it. Why? (This is a real question: I see *many* solutions but I wonder why I would choose one above the others.) FreeS/WAN (http://www.freeswan.org) is a Linux implementation of IPSec, but it's not the easiest thing in the world to How do you compare it to other IPsec implementations such as pipsecd? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Recommended way to setup an encrypted tunnel (a VPN)
On Tue, Jul 10, 2001 at 05:36:08PM +0200, Stephane Bortzmeyer wrote: I have to connect two networks together and the virtual link needs to be safely encrypted (some users know SSH but some will just POP blindly and LDAP in woody is not SSLized anyway). I wonder what is the recommended way to setup an encrypted tunnel (to make a VPN) between two Debian boxes: See Linux FreeS/WAN [http://www.freeswan.org/intro.html]. Ciao Charl __ I'm not closed-minded, you're just wrong. __ [ Charl Matthee ] [ +27-11-721-3800 ] [ Reality Manufacturing ] [ +27-11-405-6508 ] __ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
RE: Recommended way to setup an encrypted tunnel (a VPN)
Using an IPSec VPN is probably the best way to do it. FreeS/WAN (http://www.freeswan.org) is a Linux implementation of IPSec, but it's not the easiest thing in the world to configure. j. -- Jeremy L. Gaddis [EMAIL PROTECTED] -Original Message- From: Stephane Bortzmeyer [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 10, 2001 10:36 AM To: [EMAIL PROTECTED] Subject: Recommended way to setup an encrypted tunnel (a VPN) I have to connect two networks together and the virtual link needs to be safely encrypted (some users know SSH but some will just POP blindly and LDAP in woody is not SSLized anyway). I wonder what is the recommended way to setup an encrypted tunnel (to make a VPN) between two Debian boxes: - I tried pipsecd + userlink. The userlink module seems severely broken, at least with kernel 2.4. A simple ifconfig stays in D 'disk wait' forever! - ssh + ppp seems interesting because I know both of them. But is there a trick when you combine them? http://www.linuxdoc.org/HOWTO/VPN-HOWTO.html does not seem to be maintained. - GRE module in the kernel? (I use 2.4 on woody) Anyone has something to say about it? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Recommended way to setup an encrypted tunnel (a VPN)
On Tue, Jul 10, 2001 at 05:36:08PM +0200, Stephane Bortzmeyer wrote: I have to connect two networks together and the virtual link needs to be safely encrypted (some users know SSH but some will just POP blindly and LDAP in woody is not SSLized anyway). I wonder what is the recommended way to setup an encrypted tunnel (to make a VPN) between two Debian boxes: - I tried pipsecd + userlink. The userlink module seems severely broken, at least with kernel 2.4. A simple ifconfig stays in D 'disk wait' forever! - ssh + ppp seems interesting because I know both of them. But is there a trick when you combine them? http://www.linuxdoc.org/HOWTO/VPN-HOWTO.html does not seem to be maintained. - GRE module in the kernel? (I use 2.4 on woody) Anyone has something to say about it? tunnelv works great too. Although the docs are a bit ... short ..., it does the job. -- Karl E. Jørgensen [EMAIL PROTECTED] www.karl.jorgensen.com Today's fortune: Remember Darwin; building a better mousetrap merely results in smarter mice. PGP signature
Re: Recommended way to setup an encrypted tunnel (a VPN)
If you want an easy way to setup IPsec, contact a network security consultant that understands it. I think they are rare. One organization that I know does understand IPsec is protectix. They offer a turn-key solution which is designed around open source. The advantage of using protectix is they also develop IPsec devices. http://www.protectix.com/ Their device is called the Prowall. If this is not feasible or you want to do it yourself, start reading. Read all the documents on the IPsec listserve. http://lists.freeswan.org Design: http://lists.freeswan.org/pipermail/design/ Using: http://lists.freeswan.org/pipermail/users/ Briefs: http://lists.freeswan.org/pipermail/briefs/ Here is an intro to VPN http://www.synthcom.com/~val/cs510/termpaper.htm -Ted Knab Senior Otaku Breezy Network Solutions On Tue, Jul 10, 2001 at 11:25:24AM -0500, Jeremy Gaddis wrote: Using an IPSec VPN is probably the best way to do it. FreeS/WAN (http://www.freeswan.org) is a Linux implementation of IPSec, but it's not the easiest thing in the world to configure. j. -- Jeremy L. Gaddis [EMAIL PROTECTED] -Original Message- From: Stephane Bortzmeyer [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 10, 2001 10:36 AM To: [EMAIL PROTECTED] Subject: Recommended way to setup an encrypted tunnel (a VPN) I have to connect two networks together and the virtual link needs to be safely encrypted (some users know SSH but some will just POP blindly and LDAP in woody is not SSLized anyway). I wonder what is the recommended way to setup an encrypted tunnel (to make a VPN) between two Debian boxes: - I tried pipsecd + userlink. The userlink module seems severely broken, at least with kernel 2.4. A simple ifconfig stays in D 'disk wait' forever! - ssh + ppp seems interesting because I know both of them. But is there a trick when you combine them? http://www.linuxdoc.org/HOWTO/VPN-HOWTO.html does not seem to be maintained. - GRE module in the kernel? (I use 2.4 on woody) Anyone has something to say about it? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Recommended way to setup an encrypted tunnel (a VPN)
I have to connect two networks together and the virtual link needs to be safely encrypted (some users know SSH but some will just POP blindly and LDAP in woody is not SSLized anyway). I wonder what is the recommended way to setup an encrypted tunnel (to make a VPN) between two Debian boxes: - I tried pipsecd + userlink. The userlink module seems severely broken, at least with kernel 2.4. A simple ifconfig stays in D 'disk wait' forever! - ssh + ppp seems interesting because I know both of them. But is there a trick when you combine them? http://www.linuxdoc.org/HOWTO/VPN-HOWTO.html does not seem to be maintained. - GRE module in the kernel? (I use 2.4 on woody) Anyone has something to say about it?
Re: Recommended way to setup an encrypted tunnel (a VPN)
On Tue, Jul 10, 2001 at 05:36:08PM +0200, Stephane Bortzmeyer wrote: I have to connect two networks together and the virtual link needs to be safely encrypted (some users know SSH but some will just POP blindly and LDAP in woody is not SSLized anyway). I wonder what is the recommended way to setup an encrypted tunnel (to make a VPN) between two Debian boxes: See Linux FreeS/WAN [http://www.freeswan.org/intro.html]. Ciao Charl __ I'm not closed-minded, you're just wrong. __ [ Charl Matthee ] [ +27-11-721-3800 ] [ Reality Manufacturing ] [ +27-11-405-6508 ] __
RE: Recommended way to setup an encrypted tunnel (a VPN)
Using an IPSec VPN is probably the best way to do it. FreeS/WAN (http://www.freeswan.org) is a Linux implementation of IPSec, but it's not the easiest thing in the world to configure. j. -- Jeremy L. Gaddis [EMAIL PROTECTED] -Original Message- From: Stephane Bortzmeyer [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 10, 2001 10:36 AM To: debian-isp@lists.debian.org Subject: Recommended way to setup an encrypted tunnel (a VPN) I have to connect two networks together and the virtual link needs to be safely encrypted (some users know SSH but some will just POP blindly and LDAP in woody is not SSLized anyway). I wonder what is the recommended way to setup an encrypted tunnel (to make a VPN) between two Debian boxes: - I tried pipsecd + userlink. The userlink module seems severely broken, at least with kernel 2.4. A simple ifconfig stays in D 'disk wait' forever! - ssh + ppp seems interesting because I know both of them. But is there a trick when you combine them? http://www.linuxdoc.org/HOWTO/VPN-HOWTO.html does not seem to be maintained. - GRE module in the kernel? (I use 2.4 on woody) Anyone has something to say about it? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Recommended way to setup an encrypted tunnel (a VPN)
On Tue, Jul 10, 2001 at 05:36:08PM +0200, Stephane Bortzmeyer wrote: I have to connect two networks together and the virtual link needs to be safely encrypted (some users know SSH but some will just POP blindly and LDAP in woody is not SSLized anyway). I wonder what is the recommended way to setup an encrypted tunnel (to make a VPN) between two Debian boxes: - I tried pipsecd + userlink. The userlink module seems severely broken, at least with kernel 2.4. A simple ifconfig stays in D 'disk wait' forever! - ssh + ppp seems interesting because I know both of them. But is there a trick when you combine them? http://www.linuxdoc.org/HOWTO/VPN-HOWTO.html does not seem to be maintained. - GRE module in the kernel? (I use 2.4 on woody) Anyone has something to say about it? tunnelv works great too. Although the docs are a bit ... short ..., it does the job. -- Karl E. Jørgensen [EMAIL PROTECTED] www.karl.jorgensen.com Today's fortune: Remember Darwin; building a better mousetrap merely results in smarter mice. pgplrcNsplhdO.pgp Description: PGP signature
Re: Recommended way to setup an encrypted tunnel (a VPN)
If you want an easy way to setup IPsec, contact a network security consultant that understands it. I think they are rare. One organization that I know does understand IPsec is protectix. They offer a turn-key solution which is designed around open source. The advantage of using protectix is they also develop IPsec devices. http://www.protectix.com/ Their device is called the Prowall. If this is not feasible or you want to do it yourself, start reading. Read all the documents on the IPsec listserve. http://lists.freeswan.org Design: http://lists.freeswan.org/pipermail/design/ Using: http://lists.freeswan.org/pipermail/users/ Briefs: http://lists.freeswan.org/pipermail/briefs/ Here is an intro to VPN http://www.synthcom.com/~val/cs510/termpaper.htm -Ted Knab Senior Otaku Breezy Network Solutions On Tue, Jul 10, 2001 at 11:25:24AM -0500, Jeremy Gaddis wrote: Using an IPSec VPN is probably the best way to do it. FreeS/WAN (http://www.freeswan.org) is a Linux implementation of IPSec, but it's not the easiest thing in the world to configure. j. -- Jeremy L. Gaddis [EMAIL PROTECTED] -Original Message- From: Stephane Bortzmeyer [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 10, 2001 10:36 AM To: debian-isp@lists.debian.org Subject: Recommended way to setup an encrypted tunnel (a VPN) I have to connect two networks together and the virtual link needs to be safely encrypted (some users know SSH but some will just POP blindly and LDAP in woody is not SSLized anyway). I wonder what is the recommended way to setup an encrypted tunnel (to make a VPN) between two Debian boxes: - I tried pipsecd + userlink. The userlink module seems severely broken, at least with kernel 2.4. A simple ifconfig stays in D 'disk wait' forever! - ssh + ppp seems interesting because I know both of them. But is there a trick when you combine them? http://www.linuxdoc.org/HOWTO/VPN-HOWTO.html does not seem to be maintained. - GRE module in the kernel? (I use 2.4 on woody) Anyone has something to say about it?