[expert] VPN + proxy configuration?
Hello expert, I would like to set up a VPN to my ISP. My network setup is: ISP <-> local router/firewall <-> local net <-> computer A,B,C... Is it possible to configure the VPN on comp A as follows: local net <-> [ VPN client <-> local proxies <-> browser, news, mail, etc clients] The local proxies currently operate as 'localhost', and the clients are set up to use a 'localhost' proxy on the appropriate port, say 80 for HTTP. The local proxy of most interest is Privoxy. It makes browsing nicer and more private. How can I set this up in Mandrake? My ISP has available a Cisco IPSEC client for linux, if it is needed. The usual VPN setup is as follows: local net <-> [ VPN client <-> browser, news, mail, etc clients] What I am most interested in is ADDING the local proxies to the chain. Also, I have the local net, with Win machines, set up to share files and printing. If I allow this VPN tunnel to my ISP, thus making a direct connection to my local net inside the router/firewall, will that essentially compromise my security by allowing others to see my local network and files? If so, is there a way to prevent this (perhaps by setting up a vpn network zone in the Mandrake firewall)? -- Thanks, rikona mailto:[EMAIL PROTECTED] Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
RE: [expert] VPN with dynamic IP and 2 different OSes?
> > It is possible, but it's not as convenient as if there was 2 > linux / freeswan > endpoints... I've managed a few months ago to set up a VPN between a > company's subnet and windows 2000 / XP roadwarriors. > > > > Was curious if I could set up a VPN between me and my father and kind of > > new to this. We are both on ADSL and dynamic IP. He has Windows I use > > Linux. Is such thing possible? > > > > Best regards, > > Adrian > Check out OpenVPN. Looks pretty sweet. http://openvpn.sourceforge.net/ Brandon Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] VPN client
Hi Albert, I saw your question the other day and replied to the list but it was never received. Check out http://pptpclient.sourceforge.net. I use it to tunnel into a Microsoft VPN server at work and then VNC to my Windows XP system there. Cheers, Tony. On Sat, 2003-07-19 at 03:23, Albert Charron wrote: > Hi there. On my home computer, I'm running Mandrake Linux 9.1. My question is > quite simple, so I'll go to it directly... Is there a VPN Client for Linux? > > I ask this because I often need a VPN connection when I work from home. For now, > the only way I know is to reboot in Windoze to use it's builtin VPN client, but > while Mandrake is my main OS now, I'd like to find alternatives to all M$ products. > > Thanks for your help! > > +---+ > | Albert Charron| > +---+ > | Linux Registered user: 157482 | > |- Registered computers: 164158, 195048, 205791, 205792 | > | www.linuxcounter.org | > +---+ > > > __ > > Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com -- Tony Sim <[EMAIL PROTECTED]> Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] VPN client
On Fri, 18 Jul 2003 15:32:50 -0500 "J.C. Woods" <[EMAIL PROTECTED]> wrote: > Albert Charron wrote: > > >Hi there. On my home computer, I'm running Mandrake Linux 9.1. My question is > >quite simple, so I'll go to it directly... Is there a VPN Client for Linux? > > > >I ask this because I often need a VPN connection when I work from > home. For now, the only way I know is to reboot in Windoze to use > it's builtin VPN client, but while Mandrake is my main OS now, I'd > like to find alternatives to all M$ products. Check with your VPN vendor. My company uses Cisco VPN. It has a linux client. -Mark -- Mark Belanger LTX Corporation Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] VPN client
Albert Charron wrote: Hi there. On my home computer, I'm running Mandrake Linux 9.1. My question is quite simple, so I'll go to it directly... Is there a VPN Client for Linux? I ask this because I often need a VPN connection when I work from home. For now, the only way I know is to reboot in Windoze to use it's builtin VPN client, but while Mandrake is my main OS now, I'd like to find alternatives to all M$ products. Thanks for your help! You betcha! Check out http://www.freeswan.org Read the docs. It requires some set up work but is well worth the effort. Good luck, drjung -- J. Craig Woods UNIX Network/System Engineer http://www.trismegistus.net/resume.htm Let him that would move the world, first move himself. -- Socrates Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] VPN client
there are several VPN clients for Linux <> Linux, but Linux <> corporate is a little tougher. Are you using Check Point or Nortel? Those are the most common corporate clients. Nortel makes a commercial client for Linux, $100 IIRC. Linux using FreeS/WAN will talk to either of those as a router, but can't do the user-level auth required for what you're probably dealing with. On Fri, 2003-07-18 at 10:23, Albert Charron wrote: > Hi there. On my home computer, I'm running Mandrake Linux 9.1. My question is > quite simple, so I'll go to it directly... Is there a VPN Client for Linux? > > I ask this because I often need a VPN connection when I work from home. For now, > the only way I know is to reboot in Windoze to use it's builtin VPN client, but > while Mandrake is my main OS now, I'd like to find alternatives to all M$ products. > > Thanks for your help! > > +---+ > | Albert Charron| > +---+ > | Linux Registered user: 157482 | > |- Registered computers: 164158, 195048, 205791, 205792 | > | www.linuxcounter.org | > +---+ > > > __ > > Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com -- Jack Coates Monkeynoodle: A Scientific Venture... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] VPN client
Hi there. On my home computer, I'm running Mandrake Linux 9.1. My question is quite simple, so I'll go to it directly... Is there a VPN Client for Linux? I ask this because I often need a VPN connection when I work from home. For now, the only way I know is to reboot in Windoze to use it's builtin VPN client, but while Mandrake is my main OS now, I'd like to find alternatives to all M$ products. Thanks for your help! +---+ | Albert Charron| +---+ | Linux Registered user: 157482 | |- Registered computers: 164158, 195048, 205791, 205792 | | www.linuxcounter.org | +---+ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] VPN Client for Linux
--- "J. Craig Woods" <[EMAIL PROTECTED]> wrote: > Looking for some suggestions: > > I need to access my private network at work, and I am looking for a VPN > client that will work with a CheckPoint Firewall VPN on a Win2000 > Server. I need to tunnel ssh through the firewall, and connect to my > sparc machine (SunOS 5.9). I was given a Micro$oft VPN client made by > CheckPoint (of course, with username and password) for this task but I > would much prefer a Linux VPN client for the aforementioned task. > > Is one available, and is there some documentation on the web? I have > STFW, and found some interesting reading, including freeS/WAN, but > thought I might see if anyone on the expert list has some suggestions. > I > have access to any version of Linux for this VPN client to work on, or > with. Dr J, I've got a client with a similar problem, and I considered this: http://www.poptop.org/ And here is an article from a fellow that incorporated this solution into his company. It is compatible with M$ based clients (2000, 98, etc), and looks solid. URL: http://www.zdnet.co.uk/news/specials/2000/10/enterprise/techrepublic/2002/05/article001.html > (yes, LX, this means I am back among the gainfully employed, thanks for > you help too) You're welcome, of course! Although I didn't do much. I know that's a big relief off your mind! I hope this VPN suggestion helps. :) Sorry I did'nt respond sooner; I'm experimenting with wine/sat modem drivers and right now all I have is a proxy setup rather than real NAT. I have to use a browser to wade thru the messages at present...not fun. > Thanks for any help in this regard, > drjung > Congrats!! LX __ Do you Yahoo!? Faith Hill - Exclusive Performances, Videos & More http://faith.yahoo.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] VPN Client for Linux
Greetings, It is my understanding that Free/SWAN works with Checkpoint, although I personally have not used it. Check out: http://www.freeswan.org/ and there are a number of mailing lists & archives from that URL. I'm sure someone over there will be an excellent source to post this question; they will know for sure. HTH, DGO On Sunday 06 October 2002 10:57, J. Craig Woods Wrote Thusly: > Looking for some suggestions: > > I need to access my private network at work, and I am looking for a VPN > client that will work with a CheckPoint Firewall VPN on a Win2000 > Server. I need to tunnel ssh through the firewall, and connect to my > sparc machine (SunOS 5.9). I was given a Micro$oft VPN client made by > CheckPoint (of course, with username and password) for this task but I > would much prefer a Linux VPN client for the aforementioned task. Yup - especially if you're talking with another *nix box. > Is one available, and is there some documentation on the web? I have > STFW, and found some interesting reading, including freeS/WAN, but > thought I might see if anyone on the expert list has some suggestions. I > have access to any version of Linux for this VPN client to work on, or > with. > > (yes, LX, this means I am back among the gainfully employed, thanks for > you help too) > > Thanks for any help in this regard, > drjung -- "Entropy Requires No Maintenance" Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] VPN Client for Linux
Craig, Check out poptop.lineo.com "J. Craig Woods" wrote: > Looking for some suggestions: > > I need to access my private network at work, and I am looking for a VPN > client that will work with a CheckPoint Firewall VPN on a Win2000 > Server. I need to tunnel ssh through the firewall, and connect to my > sparc machine (SunOS 5.9). I was given a Micro$oft VPN client made by > CheckPoint (of course, with username and password) for this task but I > would much prefer a Linux VPN client for the aforementioned task. > > Is one available, and is there some documentation on the web? I have > STFW, and found some interesting reading, including freeS/WAN, but > thought I might see if anyone on the expert list has some suggestions. I > have access to any version of Linux for this VPN client to work on, or > with. > > (yes, LX, this means I am back among the gainfully employed, thanks for > you help too) > > Thanks for any help in this regard, > drjung > > -- > J. Craig Woods > UNIX Network/System Administration > http://www.trismegistus.net/resume.html > Character is built upon the debris of despair --Emerson > > > Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com -- David C. Rankin, J.D., P.E. RANKIN * BERTIN, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 (936) 715-9333 (936) 715-9339 fax Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] VPN Client for Linux
Looking for some suggestions: I need to access my private network at work, and I am looking for a VPN client that will work with a CheckPoint Firewall VPN on a Win2000 Server. I need to tunnel ssh through the firewall, and connect to my sparc machine (SunOS 5.9). I was given a Micro$oft VPN client made by CheckPoint (of course, with username and password) for this task but I would much prefer a Linux VPN client for the aforementioned task. Is one available, and is there some documentation on the web? I have STFW, and found some interesting reading, including freeS/WAN, but thought I might see if anyone on the expert list has some suggestions. I have access to any version of Linux for this VPN client to work on, or with. (yes, LX, this means I am back among the gainfully employed, thanks for you help too) Thanks for any help in this regard, drjung -- J. Craig Woods UNIX Network/System Administration http://www.trismegistus.net/resume.html Character is built upon the debris of despair --Emerson Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] vpn solution
Dodd, David J wrote: >Has anyone used the links cable /DELL VPNS router with Linux or SUN? I >called linksys and they only support windoz... If not has anyone used a >VPN solution to secure a wireless access point? I have a linksys >wireless access point and want to secure it further with a VPN. > >thanks >dave > > > > >Want to buy your Pack or Services from MandrakeSoft? >Go to http://www.mandrakestore.com > use VNC... VPN uses a proprietary protocol as well as TCP which would require massive script overhaul. Free VNC clients are available for Windows, Civileme Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] vpn solution
Has anyone used the links cable /DELL VPNS router with Linux or SUN? I called linksys and they only support windoz... If not has anyone used a VPN solution to secure a wireless access point? I have a linksys wireless access point and want to secure it further with a VPN. thanks dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: Re: [expert] VPN in Mandrake 8.1
Sorry for all this questions... but... Do you have any special recomendations to use OpenVPN??? Any kind of "rare experiences"? I'd like to be prepared for any kind of problems... Thanks for help. Tomek
Re: [expert] VPN in Mandrake 8.1
On Fri, 5 Jul 2002 [EMAIL PROTECTED] wrote: > Hi!! > > This time I realy need your help. > > I wonder if it is possible to make a VPN using Mandrake 8.1??? (I can imagine it >should be possible) > > I was reading HOWTO's on www.linuxdoc.org... but I would prefere a "home-made" >experience > > So, please... if anyone has made any "experiment" with VPN in Mandrake... please >help me. > > Thanks, Tomek > I've used OpenVPN with success. It's easy to build and install and seems to work well. Search freshmeat.net for the packages. If you just want to create a tunnel you can also try using the port forwarding mechanism of openssh. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] VPN in Mandrake 8.1
Hi!! This time I realy need your help. I wonder if it is possible to make a VPN using Mandrake 8.1??? (I can imagine it should be possible) I was reading HOWTO's on www.linuxdoc.org... but I would prefere a "home-made" experience So, please... if anyone has made any "experiment" with VPN in Mandrake... please help me. Thanks, Tomek
Re: [expert] VPN
Hi you can also try free/swan. at least in mkd8 it was part of the distribution. Bye -- Haim On Mon, Feb 04, 2002 at 11:22:19PM -0500, Sesame Galeo wrote: > Hi All, > > For those who are setting up VPN, which software would you recommend to > link travellers to an application running on MDK 8.1 and a samba server ? I > already evaluated "PPTPD". > > Thanks > > Richard > > > > Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] VPN
On Tuesday 05 February 2002 06:22, you wrote: > Hi All, > > For those who are setting up VPN, which software would you recommend to > link travellers to an application running on MDK 8.1 and a samba server ? I > already evaluated "PPTPD". > > Thanks > > Richard Hi Richard There's not much to recomed,actually it's the only one what i've found so far,have searched trough net and score is quite null! And it seems.that developement of pptp is stopped at the moment. What I liked to find is IPSEC VPN CLIENT for linux In my case FreeSwan is not the answer...I'm end user so that's why. Greetigs Jarmo Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] VPN
Hi All, For those who are setting up VPN, which software would you recommend to link travellers to an application running on MDK 8.1 and a samba server ? I already evaluated "PPTPD". Thanks Richard Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] VPN between 2 offices with LM Firewalls
Dave Sherman wrote: > On 06 Sep 2001 22:14:12 -0600, Darcy Brodie, CJL wrote: > > Question: > > Going through the VPN, can I make a continous connection as long > > as the workstation is running, and allow it to send information to the > > Unix Server, as well as receive print information to a local printer > > connected to the remote linux workstation (they need to be able to print > > invoices, etc from the remote location) > > I can already establish a SSH connection to the main server, but I > > am unsure if it will allow printing functions to be processed at the > > remote end. > > Any suggestions on possible methods of achieving this? > > Are you planning on running ppp over ssh for your VPN (Ack! Acronym > overload!)? If so, there is a good how-to at > www.linuxdocs.org/HOWTOs/VPN-HOWTO.html > > Dave To be honest here, I am not sure. I am currently in the "information" gathering stage right now (can it be donw, and if so, how) I will check out that how-to and see what it has to say Darcy Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] VPN between 2 offices with LM Firewalls
On 06 Sep 2001 22:14:12 -0600, Darcy Brodie, CJL wrote: > Question: > Going through the VPN, can I make a continous connection as long > as the workstation is running, and allow it to send information to the > Unix Server, as well as receive print information to a local printer > connected to the remote linux workstation (they need to be able to print > invoices, etc from the remote location) > I can already establish a SSH connection to the main server, but I > am unsure if it will allow printing functions to be processed at the > remote end. > Any suggestions on possible methods of achieving this? Are you planning on running ppp over ssh for your VPN (Ack! Acronym overload!)? If so, there is a good how-to at www.linuxdocs.org/HOWTOs/VPN-HOWTO.html Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] VPN between 2 offices with LM Firewalls
I have been approached by my office to set up a remote link between our main office and a new remote office, that will allow the remote office to access the primary server in the main office (it contains all of our customer database, inventory, etc). Here is the catch. The main server is running SCO Unix, and it controls all functions relating to the operation of the accounting software, including printing, invoicing, etc. At the new location, I will be again setting up a Linux firewall (it may be LM7.2 or 8.0, not sure yet), with 2 workstations. The one that must be able to connect to the main server will also be running Linux. Both the locations will be on cable connections, with static IP's. The firewall at the main office is currently LM7.2 with IPCHAINS, but if need be, I can change that. Question: Going through the VPN, can I make a continous connection as long as the workstation is running, and allow it to send information to the Unix Server, as well as receive print information to a local printer connected to the remote linux workstation (they need to be able to print invoices, etc from the remote location) I can already establish a SSH connection to the main server, but I am unsure if it will allow printing functions to be processed at the remote end. Any suggestions on possible methods of achieving this? Thanks Darcy Brodie Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] VPN based on Linux
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sunday 26 August 2001 10:27, Oren Gozlan wrote: > Hi i'm using ipchains based firewall ans want to add Vpn to allow > remote access to my lan, > DOes anyone have any recomandation about somthing in this topic ??? > > THNX There are 2 LDP HOWTOs on different forms of VPN techniques. As I recall, they aren't very dense reading. - -- Sun Aug 26 10:53:31 2001 Seq. TimestampUptime - 1: Mon Jul 16 16:28:17 2001 - 40 18:25:05 - 2.4.6-3mdk <<-- 2: Thu May 17 01:44:04 2001 - 35 15:31:51 - 2.4.3-20mdk 3: Thu Jun 21 17:33:18 2001 - 10 05:29:02 - 2.4.3-20mdk 4: Sun Jul 1 23:03:05 2001 - 7 10:13:18 - 2.4.3-20mdk 5: Wed Jul 11 15:11:11 2001 - 5 01:16:26 - 2.4.6-3mdk 6: Tue Jul 10 02:55:19 2001 - 1 09:18:42 - 2.4.3-20mdk 7: Wed Jul 11 12:14:35 2001 - 0 02:20:37 - 2.4.6-3mdk 8: Wed Jul 11 14:39:19 2001 - 0 00:31:20 - 2.4.6-3mdk 9: Wed Jul 11 14:35:45 2001 - 0 00:03:01 - 2.4.6-3mdk -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE7iRv/jTz5dS9Us5wRAoAvAJ948DM0y+J520Gi4Ec7vLstqVJ72wCdGZZT 8FV9SkRccCt0kfOmThccCZo= =7+zd -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://.mandrakestore.com
Re: [expert] VPN based on Linux
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sunday 26 August 2001 10:27 am, thus spake Oren Gozlan: > > Hi i'm using ipchains based firewall ans want to add Vpn to allow remote > access to my lan, > DOes anyone have any recomandation about somthing in this topic ??? Check out www.freeswan.org Dave - -- "Nihil tam munitum quod non expugnari pecunia possit." (No fortification is such that it cannot be subdued with money.) - - Marcus Tullius Cicero, 106-43 B.C. -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE7iQcNA68l26XsZUYRAnD8AKDWv1Fcw//sAa8RTsiSeRfXe+lNEgCfcl9z t4GJffjQ1S5yyJujIA4qyUw= =QkHU -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://.mandrakestore.com
[expert] VPN based on Linux
Hi i'm using ipchains based firewall ans want to add Vpn to allow remote access to my lan, DOes anyone have any recomandation about somthing in this topic ??? THNX -- - Oren Gozlan Mobixell Networks Inc. p: +972 9 776 0121 f: + 972 9 740 7373 c: +972 54 536 047 www.mobixell.com [EMAIL PROTECTED] - Want to buy your Pack or Services from MandrakeSoft? Go to http://.mandrakestore.com
[expert] VPN with LM8
Hello; I am beginning to toy with setting up a VPN. I have found several how-to documents, but they all seem to refer to the 2.2.x or earlier kernel. Does anyone have a URL for a VPN how-to which involves the 2.4.x kernel? Thanks, Bruce Endries Bruce Endries Consulting (607) 433-2677 [EMAIL PROTECTED]
[expert] VPN info
Hey all, I'm considering playing around a little with VPNs and was wondering if there was any tips or tricks anyone could provide me with. Cheers Current Linux kernel 2.4.3-20mdk uptime: 9 days 23 hours 20 minutes.
[expert] VPN Newbie wants to try to connect from home
This is a VPN newbie question (if there is such a thing) that is simply looking for help/documentation that will let me connect my Win98 box at home to my office network. (I have read the VPN-HOWTO and VPN Masquerade-HOWTO) The setup: Home: Win98 cable modem to the net (DHCP). Office Linux Mandrake 7.2 (Serves 4 WinXX clients) Samba 2.07 Linksys cable/dsl router (with port forwarding capability) Static IP cable modem to the net Currently I can telnet, FTP and http into my Linux box from home. I would like to set up a VPN so I can access my samba shares from Win98 at home in a more useable manner than telnet, FTP, etc.. Don't get me wrong, I am flat amazed and astonished that telnet, FTP and http work as well as they do and I can do 90% of what I need to do with those services. What I would like to do is eliminate the FTP into office, copy file to home, edit file, FTP back into office, copy file back to office. With that said, I have read the VPN-HOWTO and VPN Masquerade HOWTO and while they discuss setting up PPTP on the client side, most of the discussion on the server side is directed to Master -- Slave Linux box setup. What I get from the howtos is that I should be able to configure the Win98 box at home to use the linksys router at work as its gateway, port forward the port in the router to allow ssh/pptpd traffic to pass through to my linux box. Where I melt down is figuring out how to set up the linux box from there. Does anyone know of a basic document that describes how to configure a linux/samba box to support a simple Win9X VPN connection to be made. (The use of "simple" may further disclose the extent of newbieness I suffer from with respect to VPN) Your thoughts, hints, tips, tricks, encouragements and discouragements are welcomed. David Rankin Nacogdoches, Texas [EMAIL PROTECTED]
RE: [expert] VPN software
>I'm not certain but I think that freeS/WAN will talk to MS IPSec. I have >not tried though. I saw somewhere that there is a (commercial?) PGP >package that supports this under Windows too. The software is NAIs PGPnet and the noncommercial version (free) supports connections only to the gateway. If one requires tunneling to internal nodes, you need the commercial version (not free). IPSec is implemented in w2000 and not in w9x and I hear that there are problems trying to connect natively in w2000? None of this is from experience, just reading. I would like to browse the MS network from the internet as a roadwarrior. The gateway is Linux 7.2 w/ Samba acting as PDC and WINS server (ipmasq too). I already use putty on win machines to ssh into it. I guess that brings me to kernel source - never had a reason to patch a kernel - I guess I do now. Where can I get a mandrake specific kernel source in tar format or can I use the source RPM off the CD and mv the Linux folder and install the source again? Hmm... better look into it some more. Thxs Andy Judge -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Scott Patten Sent: Friday, March 02, 2001 1:10 AM To: [EMAIL PROTECTED] Subject: Re: [expert] VPN software > Is there an RPM for freeS/WAN or poptop available or do we need to install > from source? I've never seen one. I have looked. This makes sense though. Both require patching the kernel. I know there are various capabilities added to the Mandrake kernels (reiserfs, security patches, etc.) but I don't think that freeS/WAN or PoPTop are included. > Also, does 7.2 support the latest version of poptop and > FreeS/WAN? It doesn't support it in the sense that it doesn't ship with it. The only way that I have seen these available is in source form. You compile the patched kernel and you compile supporting software with one command typically. The freeS/WAN docs cover this rather well. > I assume the FreeS/WAN is more difficult to configure in a MS > / Linux environment since it requires a 3rd party client software. I'm not certain but I think that freeS/WAN will talk to MS IPSec. I have not tried though. I saw somewhere that there is a (commercial?) PGP package that supports this under Windows too. Do you need to encrypt TCP traffic or UDP as well? Do you need to access lots of ports or only a few? Do you have a couple users or many? A simple (simple to set up) solution is to use OpenSSH on the linux server and TerraTerm and TTSSH on the Windows client to gain access to specific ports on a secure network. This isn't perfect by any means but it's much easier to configure. I actually have used all 3 methods and I like freeS/WAN the best. It also took the most time to configure and only works between 2 Linux systems. I have seen other solutions on Freshmeat. I have tried a couple with no success (because of a problem with ipchains and not the particular software). There are solutions that don't require patching the kernel but I think they only work in Linux or *nix environments. Cheers, Scott Patten
RE: [expert] VPN software
Hi Scott, Is there a linux VPN solution that will talk to a Cisco VPN router (IPsec)? Thanks ... Charles -Original Message- From: Scott Patten [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 01, 2001 10:10 PM To: [EMAIL PROTECTED] Subject: Re: [expert] VPN software > Is there an RPM for freeS/WAN or poptop available or do we need to install > from source? I've never seen one. I have looked. This makes sense though. Both require patching the kernel. I know there are various capabilities added to the Mandrake kernels (reiserfs, security patches, etc.) but I don't think that freeS/WAN or PoPTop are included. > Also, does 7.2 support the latest version of poptop and > FreeS/WAN? It doesn't support it in the sense that it doesn't ship with it. The only way that I have seen these available is in source form. You compile the patched kernel and you compile supporting software with one command typically. The freeS/WAN docs cover this rather well. > I assume the FreeS/WAN is more difficult to configure in a MS > / Linux environment since it requires a 3rd party client software. I'm not certain but I think that freeS/WAN will talk to MS IPSec. I have not tried though. I saw somewhere that there is a (commercial?) PGP package that supports this under Windows too. Do you need to encrypt TCP traffic or UDP as well? Do you need to access lots of ports or only a few? Do you have a couple users or many? A simple (simple to set up) solution is to use OpenSSH on the linux server and TerraTerm and TTSSH on the Windows client to gain access to specific ports on a secure network. This isn't perfect by any means but it's much easier to configure. I actually have used all 3 methods and I like freeS/WAN the best. It also took the most time to configure and only works between 2 Linux systems. I have seen other solutions on Freshmeat. I have tried a couple with no success (because of a problem with ipchains and not the particular software). There are solutions that don't require patching the kernel but I think they only work in Linux or *nix environments. Cheers, Scott Patten
Re: [expert] VPN software
On 02-Mar-01 Scott Patten wrote: |> Is there an RPM for freeS/WAN or poptop available or do we need to |> install |> from source? | Yes: on contribs.(freeswan-rpm) But also included in the 4.2.3 kernel IMHO. -- Eric MC E-Mail: Eric MC D. <[EMAIL PROTECTED]> Date: 03-Mar-01 Time: 16:21:11 RLU#165727 But it does move! -- Galileo Galilei --
Re: [expert] VPN software
> Is there an RPM for freeS/WAN or poptop available or do we need to install > from source? I've never seen one. I have looked. This makes sense though. Both require patching the kernel. I know there are various capabilities added to the Mandrake kernels (reiserfs, security patches, etc.) but I don't think that freeS/WAN or PoPTop are included. > Also, does 7.2 support the latest version of poptop and > FreeS/WAN? It doesn't support it in the sense that it doesn't ship with it. The only way that I have seen these available is in source form. You compile the patched kernel and you compile supporting software with one command typically. The freeS/WAN docs cover this rather well. > I assume the FreeS/WAN is more difficult to configure in a MS > / Linux environment since it requires a 3rd party client software. I'm not certain but I think that freeS/WAN will talk to MS IPSec. I have not tried though. I saw somewhere that there is a (commercial?) PGP package that supports this under Windows too. Do you need to encrypt TCP traffic or UDP as well? Do you need to access lots of ports or only a few? Do you have a couple users or many? A simple (simple to set up) solution is to use OpenSSH on the linux server and TerraTerm and TTSSH on the Windows client to gain access to specific ports on a secure network. This isn't perfect by any means but it's much easier to configure. I actually have used all 3 methods and I like freeS/WAN the best. It also took the most time to configure and only works between 2 Linux systems. I have seen other solutions on Freshmeat. I have tried a couple with no success (because of a problem with ipchains and not the particular software). There are solutions that don't require patching the kernel but I think they only work in Linux or *nix environments. Cheers, Scott Patten
[expert] VPN software
Is there an RPM for freeS/WAN or poptop available or do we need to install from source? Also, does 7.2 support the latest version of poptop and FreeS/WAN? I assume the FreeS/WAN is more difficult to configure in a MS / Linux environment since it requires a 3rd party client software. Best regards, Andrew Judge
Re: [expert] VPN
try http://www.freeswan.org On Sun, 7 Jan 2001, Luis Chardon wrote: > Date: Sun, 7 Jan 2001 21:50:58 -0400 (AST) > From: Luis Chardon <[EMAIL PROTECTED]> > Reply-To: [EMAIL PROTECTED] > To: [EMAIL PROTECTED] > Subject: [expert] VPN > > > Does anyone know which softwares exists on linux so a linux box can > connect to a VPN? > > Thanks, > > Luis > > -- _|_|_ Best Regard's , ( ) * Amir Tal, /v\ / System Administrator /( )XIntercomp Ltd. (m_m) fax : 09-9526170 | |ICQ : 15748705 | (_)_ __ Office : 09-9526993. | | | '_ \| | | \ \/ / | | | | | | |_| |> < |_)_|_|_| |_|\__,_/_/\ visit us at www.legacy2web.com.
Re: [expert] VPN
There are are a number of options. The one that I am experimenting with at the moment is FreeSWAN (www.freeswan.org). FreeSWAN is a free implementation of IPSec which as far as I know of is the most secure protocol out there. > Does anyone know which softwares exists on linux so a linux box can > connect to a VPN? > > Thanks, > > Luis
[expert] VPN
Does anyone know which softwares exists on linux so a linux box can connect to a VPN? Thanks, Luis
[expert] VPN for linux using Winxx clients UPDATE
I still have problems finding PGPnet in a exportable version, the freeware version 6.5.3 of PGP should include it. But. Anyone knows of other clients? However for people you would like to play around with this I found an excelent howto. Have a look at these links: http://www.rommel.stw.uni-erlangen.de/~hshoexer/ipsec-howto/HOWTO.html http://jixen.tripod.com/#Rw-PGP-to-Fwan Regards, Mads Keep in touch with http://mandrakeforum.com: Subscribe the "[EMAIL PROTECTED]" mailing list.
Re: [expert] VPN access through firewall
Clayton Nielsen wrote: > > I have been challanged to setup a firewall for a friend of mine at his place of > bussiness since they are having problems using win based firewalls. Over the > last few months they have had quite a number of intrutions and need a better > solution. Anyway I can get everything buttoned up tight to prevent access from > the web but now I have to allow certain people (employees) to access to the > work server from their homes so they can check stock and update orders. > Anything would help. > Thanx > Clayton > > PMfirewall (look in freshmeat) or http://www.freesco.org Ron -- +--+ | Ron Johnson, Jr.Home: [EMAIL PROTECTED] | | Jefferson, LA USA WWW : [EMAIL PROTECTED] | | http://ronandheather.dhs.org | +--+ Keep in touch with http://mandrakeforum.com: Subscribe the "[EMAIL PROTECTED]" mailing list.
[expert] VPN access through firewall
I have been challanged to setup a firewall for a friend of mine at his place of bussiness since they are having problems using win based firewalls. Over the last few months they have had quite a number of intrutions and need a better solution. Anyway I can get everything buttoned up tight to prevent access from the web but now I have to allow certain people (employees) to access to the work server from their homes so they can check stock and update orders. Anything would help. Thanx Clayton Keep in touch with http://mandrakeforum.com: Subscribe the "[EMAIL PROTECTED]" mailing list.
[expert] VPN using FreeS/Wan and MS win clients????
Hi there, Have anyone here tried playing around with FreeS/Wan? I would like to hook up win9x clients out of the company to a VPN server running FreeS/Wan but I cannot find any info on clients? I have heard that PGP have a client for IPsec in the most recent version and that it is possible to download due to reduced export regulations. However I havent been able to find it. The PGP6.5.8 from PGPi doesn´t include it. Is there any other options? How about specialt settings for FreeS/Wan? Regards, Mads Rasmussen Keep in touch with http://mandrakeforum.com: Subscribe the "[EMAIL PROTECTED]" mailing list.
[expert] VPN using FreeS/Wan and MS win clients????
Hi there, Have anyone here tried playing around with FreeS/Wan? I would like to hook up win9x clients out of the company to a VPN server running FreeS/Wan but I cannot find any info on clients? I have heard that PGP Keep in touch with http://mandrakeforum.com: Subscribe the "[EMAIL PROTECTED]" mailing list.
[expert] VPN problems to access university
Having looked into getting VPN to work from my NT at home thru my LM7.1 firewall/IPmasq, I am annoyed ! I have read the VPN howto and linux VPN masquerade. The former is if you want to create your own local VPN. The latter one indicates that you must patch the source and recompile the kernel. I am using the Nortel Network Extranet as the VPN client on NT, which worked before adding in my linux firewall. This extranet supports IPsec and ISAKMP. IP masq is working. I went to http://www.wolfenet.com/~jhardin/ip_masq_vpn.html to get the patch, which is only 2.2.15 and saved as ip_masq_vpn-2.2.15.patch.gz except that it appears to not bein gzip format. Yes, I tried winzip and gunzip/zcat while trying to do zcat patchfile.gz | patch -l -p0 > vpn.log I've contacted the author John Hardin on this, but has anyone else got this working ? Will the 2.2.15 patch be ok within my 2.2.16 kernel ? So now I had to look into (learn) how to rebuild the linux-2.2.16-secure.mdk kernel already installed. How does the "secure" kernel get built ? Where is the option or source I need to make sure it's compiled as secure ? I got the source and RPM (and installed) after running MandrakeUpdate. Thanks... Dan.
Re: [expert] VPN
On 3 Jul 00, at 20:39, Sridhar G wrote: > I'd like to access my office network from home. By default I've been given > instructions to access it from Windows using VPN. Can I configure Linux to > access my office net. If so how. Can someone point me to a HOWTO or site. read the networking howto in /usr/doc Sthitaprajna | (at)mailandnews(dot)com | PGP:619E875D "So many people, so little purpose."
[expert] VPN
Hi, I'd like to access my office network from home. By default I've been given instructions to access it from Windows using VPN. Can I configure Linux to access my office net. If so how. Can someone point me to a HOWTO or site. Cheers Sridhar
RE: [expert] VPN--smbmount doesn't work
One problem with Linux is that it does not forwards smb broadcasts that are basic for Windoze network browsing. For this Samba has to be patched and recompiled. Please look at http://www.linuxplanet.com/linuxplanet/tutorials/1159/1/ > Problem at a glance: the smbmount command resolves the IP address of the > share > server from the share name, and ignores the ip= parameter > described > in the man page. > > At home I have a Win98 pc (hostname "meganpc") with c:\temp shared to > the network. I have a Mandrake 6.1 box (it rocks) (hostname "cerberos") > as a > firewall running IPchains / IP masquerading to allow and protect access > to/from > the cable modem. The internal network is 10.0.0.0/24--meganpc is > 10.0.0.50. > > Here at the office, I have Mandrake 7.0 (it rocks too) on my Toshiba > Tecra. I > would like to use Samba to mount //meganpc/temp to my local /mnt/temp > through > ssh local port forwarding. > > Step 1: Make the connection > [laptop]# ssh -L 139:meganpc:139 cerberos > root's password: > Last login: Tue Jan 18 2000 11:45:54 -0500 > No mail. > [root@cerberos /root]# > ###This works fine, I authenticate, and ssh has begun to forward my > localhost:139 to meganpc:139 > > Step 2: Verify the connection from my laptop > [laptop]# smbclient //meganpc/temp -I localhost -N > added interface ip=xxx.xxx.xxx.xxx bcast=xxx.xxx.xxx.255 > nmask=255.255.255.0 > smb: \> ls r* > rawrite.exe A14305 Wed Oct 13 21:45:58 1999 > rawwritewin.exe A 208896 Wed Oct 13 21:46:10 1999 > ROGET13.TXT A 1410440 Wed Jun 3 08:43:44 1992 > rebol-howto.htmlA67297 Fri Dec 10 22:03:34 1999 > rebol D0 Sat Dec 11 17:11:20 1999 > rp7-complete-setup.exe A 7582720 Sun Jan 9 01:47:08 2000 > > 63883 blocks of size 131072. 35702 blocks available > smb: \> > ###So you see this works too. I have successfully redirected meganpc:139 > to > localhost:139 and connected to it with Samba's own smbclient command! > > Step 3: Mount the drive > [laptop]# smbmount //meganpc/test /mnt/temp ip=localhost guest > error connecting to 10.0.0.50:139 (No route to host) > Connection to meganpc failed > SMB connection failed > > === > So, as you can see with the smbclient command, above, I trust that the ssh > connection is up and running. `netstat -an` shows a local port 139 > listening. > I do not have Samba running locally, so there's no port conflict. > > It seems to me, that the smbmount command simply does not understand the > "ip=" > flag. It continues to try and resolve "meganpc" from the netbios share > name--and does so correctly from my /etc/hosts--but that's not the IP > address I > want to use! It doesn't accept the address I give it (even 127.0.0.1 or > my IP > address). It's interesting that `man smbmount` shows the "ip=" flag, but > `man > smbmnt` does not. Is this parameter simply not passed to the real mount > command? Was this simply not implemented? > > If anyone can help with this Samba problem, I give you my thanks in > advance. > -- > Scott Brightwell > Systems Engineer > CTSinc.net
RE: [expert] VPN--smbmount doesn't work
Also put entries in /etc/lmhosts. Have you checked the ipchains rules in both Linux boxes? Are you allowing the real interfaces in the protected network communicate with the virtual interfaces? > just a guess here.have you thougth of putting an entry in /etc/hosts > for > meganpc? or setting up DNS somewhere? At leat this way there is some > resolving happening here (resolve meganpc to an ip if smbmount wont use an > ip) > You said "It doesn't accept the address I give it (even 127.0.0.1 or my IP > address). " but will it accept localhost or cerbros? > > Let me know how you go with that. > > Michael
Re: [expert] VPN--smbmount doesn't work
just a guess here.have you thougth of putting an entry in /etc/hosts for meganpc? or setting up DNS somewhere? At leat this way there is some resolving happening here (resolve meganpc to an ip if smbmount wont use an ip) You said "It doesn't accept the address I give it (even 127.0.0.1 or my IP address). " but will it accept localhost or cerbros? Let me know how you go with that. Michael
[expert] VPN--smbmount doesn't work
Problem at a glance: the smbmount command resolves the IP address of the share server from the share name, and ignores the ip= parameter described in the man page. At home I have a Win98 pc (hostname "meganpc") with c:\temp shared to the network. I have a Mandrake 6.1 box (it rocks) (hostname "cerberos") as a firewall running IPchains / IP masquerading to allow and protect access to/from the cable modem. The internal network is 10.0.0.0/24--meganpc is 10.0.0.50. Here at the office, I have Mandrake 7.0 (it rocks too) on my Toshiba Tecra. I would like to use Samba to mount //meganpc/temp to my local /mnt/temp through ssh local port forwarding. Step 1: Make the connection [laptop]# ssh -L 139:meganpc:139 cerberos root's password: Last login: Tue Jan 18 2000 11:45:54 -0500 No mail. [root@cerberos /root]# ###This works fine, I authenticate, and ssh has begun to forward my localhost:139 to meganpc:139 Step 2: Verify the connection from my laptop [laptop]# smbclient //meganpc/temp -I localhost -N added interface ip=xxx.xxx.xxx.xxx bcast=xxx.xxx.xxx.255 nmask=255.255.255.0 smb: \> ls r* rawrite.exe A14305 Wed Oct 13 21:45:58 1999 rawwritewin.exe A 208896 Wed Oct 13 21:46:10 1999 ROGET13.TXT A 1410440 Wed Jun 3 08:43:44 1992 rebol-howto.htmlA67297 Fri Dec 10 22:03:34 1999 rebol D0 Sat Dec 11 17:11:20 1999 rp7-complete-setup.exe A 7582720 Sun Jan 9 01:47:08 2000 63883 blocks of size 131072. 35702 blocks available smb: \> ###So you see this works too. I have successfully redirected meganpc:139 to localhost:139 and connected to it with Samba's own smbclient command! Step 3: Mount the drive [laptop]# smbmount //meganpc/test /mnt/temp ip=localhost guest error connecting to 10.0.0.50:139 (No route to host) Connection to meganpc failed SMB connection failed === So, as you can see with the smbclient command, above, I trust that the ssh connection is up and running. `netstat -an` shows a local port 139 listening. I do not have Samba running locally, so there's no port conflict. It seems to me, that the smbmount command simply does not understand the "ip=" flag. It continues to try and resolve "meganpc" from the netbios share name--and does so correctly from my /etc/hosts--but that's not the IP address I want to use! It doesn't accept the address I give it (even 127.0.0.1 or my IP address). It's interesting that `man smbmount` shows the "ip=" flag, but `man smbmnt` does not. Is this parameter simply not passed to the real mount command? Was this simply not implemented? If anyone can help with this Samba problem, I give you my thanks in advance. -- Scott Brightwell Systems Engineer CTSinc.net