subject:"Re\: Need Help setting up a VPN Connection to my LAN"

Re: Need Help setting up a VPN Connection to my LAN

2012-06-25 Thread jill

  Version: 
  page should look like this: 
  http: 
  //ui.linksys.com/files/BEFSX41/1.52.5/Security-VPN-Tunnel-Enabled.htm
  for the BEFSX41 (which is all it supports): 
  http: //homesupport.cisco.com/en-us/wireless/lbc/BEFSX41
  well as VirtualMachine images): 
  http: //openvpn.net/index.php/download/access-server-downloads.html
  To configure OpenVPN client in Linux: 
  Client configuration instructions for  Sentinel  to BEFSX41: (useful
 for
  setting options in your linux client): 
  http: //www.homenethelp.com/vpn/router-config.asp
   On Jun 24, 2012 1: 00 PM, Mark Phillips m...@phillipsmarketing.biz
  wrote: 
  http: //it-clowns.comSafeway.com
  To subscribe, unsubscribe, or to change your mail settings: 
  http: //lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
  To subscribe, unsubscribe, or to change your mail settings: 
  http: //lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
  http: //it-clowns.comSafeway.com
  To subscribe, unsubscribe, or to change your mail settings: 
  http: //lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
 To subscribe, unsubscribe, or to change your mail settings: 
 http: //lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Content-Type: text/plain; charset=UTF-8
Date: Mon, 25 Jun 2012 12:23:33 -0700
Message-ID: 1340652213.2685.43.camel@debian
Mime-Version: 1.0
X-Mailer: Evolution 2.30.3
Content-Transfer-Encoding: 7bit
X-Gm-Message-State: 
ALoCoQlubsLWS8GVxqy5phuEcM+Bqb40xx77jviUeNuJxQbf55vQZN9zigEC6yB4j8ITdSRhl276

Some might disagree with me here, but as a possible alternative to
setting up a full VPN solution...  If you're going to be needing to do
this often then absolutely a more permanent VPN solution makes sense.
But for a one-off or two-off if you don't need GUI access, just a shell,
you could do a reverse ssh tunnel.  

If you have access to any trusted server off your home network you can
use that, or what I've done in the past is just spin up a small cloud
image on Amazon or Dreamhost or anywhere that offers a utility-based
pricing model (pay only for the time you use).  Build the tunnel from
one of the computers on your LAN to the cloud server and leave it open.
If you're worried the connection might drop while you're away you could
write a small script that checks to see if the tunnel is up, and
restarts it if it isn't (copy a public key to the cloud server for
key-based auth so this doesn't need a password).  Then when you need to
log into your stuff at home, ssh from your laptop to the cloud server,
then jump from there to the machine on your LAN that has the other end
of your tunnel.  If you need to access more than one system at home, you
can then jump from the system with the tunnel to whatever you need to
get at.  Yes, performance could suck a bit ssh'ing 2-3 times, but the
set up is generally faster than VPN if you only need to use it once and
you're comfortable working with ssh already.  

Just a thought if you needed to get going quickly, or have something
until you can get a VPN up.  And don't forget to shut down the cloud
server when you're back home so you don't pay for something you aren't
using! I've done that one too, luckily an EC2 micro instance is pretty
cheap.  Good walkthrough on reverse tunneling:
http://www.howtoforge.com/reverse-ssh-tunneling  

-- 
Jill


n 2012-06-25 02:26, Mark Phillips wrote:


---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

RE: Need Help setting up a VPN Connection to my LAN

2012-06-25 Thread Carruth, Rusty

Actually, using VNC you can even get GUI access with a 'local' ssh
forward of the VNC port.

Been there, done that, it works.

Check out these 2 ssh command lines:

ssh -L 5902:there:5902 me@overthere

This will ssh into 'overthere' as 'me', and once you are logged in
'overthere' it will forward port 5902 from the machine on which you
STARTED the ssh session to the VNC server (port 5902) on machine 'there'
- which for best results is over on the same subnet as 'overthere' :-)

In other words, say ssh -L 5902:vncserver:5902 me@vncserver then, once
you are logged in, from the same machine on which you did the ssh,
connect to 'localhost' using VNC client - and you are instead talking to
the vncserver's VNC (:2 or :1, I think).

ssh -R 9283:there2:9283 me@overthere

As before, once you have gotten logged in as 'me' 'overthere', it
forwards a port, but this time from the 'overthere' side back to your
side, so that 'there2' should be on the same subnet as the machine from
which you started the ssh.

Note that there is NO requirement for the two port numbers to be the
same value.

If that's confusing, sorry, but ssh DOES tend to be a bit of a swiss
army knife!

Rusty
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Need Help setting up a VPN Connection to my LAN

2012-06-24 Thread Stephen

Rtfm?

It really depends on what your options are in the vpn device are.
On Jun 24, 2012 1:00 PM, Mark Phillips m...@phillipsmarketing.biz wrote:

 I need to take my laptop on several road trips, and I need to connect back
 to my home office LAN - all Debian machines. I am on COX cable with a
 BEFSX41 router. The BEFSX41 has a VPN option that I have never used. What
 do I need to add to my laptop (Debian) to talk to my home office LAN
 securely (ie through a VPN) using my BEFSX41? Obviously, I am a complete
 nube when it comes to setting up VPN access to my LAN. I have googled for
 some recommendations, but I have not found a good reference to follow.

 Thanks,

 Mark

 ---
 PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
 To subscribe, unsubscribe, or to change your mail settings:
 http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Need Help setting up a VPN Connection to my LAN

2012-06-24 Thread Mark Phillips

Stephen,

Thanksthere are tons of options on the device. But I read that I need a
vpn server on my LAN.other posts say no.Most of the information I
found in forums is several years old, so I thought someone with more
experience than me could point me to a better manual. I read this
http://www.debian-administration.org/articles/489, but again it is over 5
years old, so perhaps there is a better solution?

This is the manual page from the BEFSX41.I am not completely sure which
options to use. Plus, I assume I may need something running on my laptop -
OpenVPN? Do I need a VPN server on my LAN, or something else, to be able to
login to my different machines?

Mark

*VPN** Passthrough*

This Router supports IPSec, PPTP, and PPPoE Passthrough. You can select
either *Enable* or *Disable* for these options.
--

*VPN*

*Select Tunnel Entry*- Select the tunnels number you want to set up.

*Delete*- click this to remove any entries made for this tunnel you
selected.

*Summary*- Click this button to display the status of all the tunnels.

*IPSec VPN Tunnel*- Select *Enabled* to create a tunnel or *Disabled* to
close the tunnel.

*Tunnel Name*- Once the tunnel is enabled, enter an arbitrary name for the
tunnel you are about to create.

*Local Secure Group*

This allows you to grant local computer access to this tunnel.
SubnetThis will allow all computers on the local subnet to access the
tunnel. Enter the IP Address and Mask to allow access to the tunnel.IP
Addr.This
only allows the local computer with the specified IP address. Enter the IP
address you want to allow access to the tunnel.IP RangeThis allows a range
of local computers to access the tunnel.  Enter the IP address range
allowed to access the tunnel.

* Remote Secure Group*

This allows you grant remote computers access to this tunnel.
SubnetThis will allow all computers on the remote subnet to access the
tunnel. Enter the IP Address and Mask to allow access to the tunnel.IP
Addr.This
only allows the remote computer with the specified IP address. Enter the IP
address you want to allow access to the tunnel.IP RangeThis allows a range
of remote computers to access the tunnel.  Enter the IP address range
allowed to access the tunnel.HostWhen this is selected, the settings will
be the same as the Remote Security Gateway. AnyThis option will allow any
IP address from a remote location to access this tunnel.

* Remote Secure Gateway*

This sets the remote end of the VPN tunnel. You can either specify the IP
address, Domain, or Any.
IP Addr.Enter the IP address of the remote tunnel you will connect.DomainThis
option lets you enter the fully qualified domain name. If you do not have
an IP address, you have an option to enter the domain of the tunnel you are
connecting to.AnyThis will will allow any tunnel connection to be
established.



*Encryption*
DESData Encryption Standard (DES) is a type of encryption for this VPN
tunnel. If you select this option, make sure the other end of the tunnel
uses the same encryption type.3DESTriple Data Encryption Standard (3DES) is
a stronger type of encryption for this VPN Tunnel. If you select this
option, make sure the other end of the tunnel uses the same encryption type.
DisableThis option will not encrypt for this tunnel.

*Authentication*
MD5Message-Digest Algorithm (MD5)- Generates 128-bit message digest based
on the input.  If you select this option, make sure the other end of the
tunnel uses the same authentication type.SHASecure Hash Algorithm (SHA)-
Generates 160-bit message digest based on the input.  If you select this
option, make sure the other end of the tunnel uses the same authentication
type.DisabledThis option will not authenticate for this tunnel.

*Key Management*

In order for any encryption to occur, the two ends of the tunnel must agree
on the type of encryption.  This is done by sharing a key to  encrypt
code. You can select *Auto (IKE)* or *Manual*.

*Automatic Key Management*
PFSPerfect Forward Secrecy (PFS) ensures that the initial key exchange and
IKE proposal are secure. This must be the same for both end of the
tunnel.Pre-shared
KeyEnter a series of number and letters that will be used as your key. This
must be the same for both end of the tunnel.Key LifetimeEnter a number of
seconds for the life of the key. After the key lifetime expires, a new code
will be generated. This much be the same for both end of the tunnel.

*Manual Key Management*
Encryption keyEnter a series of letters or numbers to generate an
encryption key. This must be the same for both end of the tunnel.Authentication
KeyEnter a series of letters or numbers to generate an authentication key. This
must be the same for both end of the tunnel.Inbound SPIEnter a series of
letter or numbers to generate the Inbound SPI. This must match the outbound
SPI on the other end of the tunnel.Outbound SPIEnter a series of letter or
numbers to generate the outbound SPI.  This must match the inbound SPI

Re: Need Help setting up a VPN Connection to my LAN

2012-06-24 Thread Michael Butash

This sounds like yours does what is known as a lan to lan 
configuration, or lan extension mode.  Two subnets routing together, not 
a remote access or client-based vpn, like a home-office extension to 
work permanently.  Not client-based vpn, which is probably what you're 
looking for.


Normally what you want is to have a vpn device that acts as a 
concentrator for clients running crypto software, initiate a 
connection, set up virtual tunneling from your box to the concentrator 
hub, and you now become an extension of the internal network from your 
client/host.  Yours sounds like it's meant to tie your subnet to a hub 
device, which implies like two of these devices back to back across the 
internet, not a windows box phoning home.


If you're looking for a good little vpn box, snipe an old cisco pix 501 
unrestricted on ebay cheap (or buy-it-now for ~30-50 bucks), setup 
client ipsec vpn connections with local accounts documented since the 
beginning of time, free client software for every platform (native on 
linux now with cvpnd/network-manager) and use that as it requires 
minimal gui config.  It supports 3des which is still fairly adequate for 
clients, or you can find newer asa5505's for ~200-300 that do aes256, 
certs, ldap auth (ad), whatever.  Good/cheap device with tons of info 
out there, and a built-in java gui wizard for setting it up that even a 
windoze admin can figure out client vpn setup.


I'm actually looking to do this at the moment to stub off my mom's house 
on a persistent tunnel lan extension to my network so I can 
remote-manage her security and give access to my media stash.  The 
little pix 501's are good


Openvpn is good too, but more diy than you may like with certs and such 
vs passwords.  You can get the little ddwrt/tomato ap/router boxen like 
asus n16's that can also install openvpn for this if you want a canned 
solution.


There are other soho vpn boxes I've seen at frys and such, but they're 
entirely ymmv-ish off-brand stuff usually.  Not sure netgear or dlink 
are really know for their prowess for vpn client function, but I think not.


-mb


On 06/24/2012 01:21 PM, Mark Phillips wrote:

Stephen,

Thanksthere are tons of options on the device. But I read that I
need a vpn server on my LAN.other posts say no.Most of the
information I found in forums is several years old, so I thought someone
with more experience than me could point me to a better manual. I read
this http://www.debian-administration.org/articles/489, but again it is
over 5 years old, so perhaps there is a better solution?

This is the manual page from the BEFSX41.I am not completely sure
which options to use. Plus, I assume I may need something running on my
laptop - OpenVPN? Do I need a VPN server on my LAN, or something else,
to be able to login to my different machines?

Mark

*/VPN/**/Passthrough/*

This Router supports IPSec, PPTP, and PPPoE Passthrough. You can select
either*Enable*or*Disable*for these options.



*/VPN/*

*Select Tunnel Entry*- Select the tunnels number you want to set up.

*Delete*- click this to remove any entries made for this tunnel you
selected.

*Summary*- Click this button to display the status of all the tunnels.

*IPSec VPN Tunnel*- Select*Enabled*to create a tunnel or*Disabled*to
close the tunnel.

*Tunnel Name*- Once the tunnel is enabled, enter an arbitrary name for
the tunnel you are about to create.

*Local Secure Group*

This allows you to grant local computer access to this tunnel.

Subnet  This will allow all computers on the local subnet to access the
tunnel. Enter the IP Address and Mask to allow access to the tunnel.
IP Addr.This only allows the local computer with the specified IP
address. Enter the IP address you want to allow access to the tunnel.
IP RangeThis allows a range of local computers to access the tunnel.
Enter the IP address range allowed to access the tunnel.

* Remote Secure Group*

This allows you grant remote computers access to this tunnel.

Subnet  This will allow all computers on the remote subnet to access the
tunnel. Enter the IP Address and Mask to allow access to the tunnel.
IP Addr.This only allows the remote computer with the specified IP
address. Enter the IP address you want to allow access to the tunnel.
IP RangeThis allows a range of remote computers to access the tunnel.
Enter the IP address range allowed to access the tunnel.
HostWhen this is selected, the settings will be the same as the Remote
Security Gateway.
Any This option will allow any IP address from a remote location to
access this tunnel.

* Remote Secure Gateway*

This sets the remote end of the VPN tunnel. You can either specify the
IP address, Domain, or Any.

IP Addr.Enter the IP address of the remote tunnel you will connect.
Domain  This option lets you enter the fully qualified domain name. If
you do not have an IP

Re: Need Help setting up a VPN Connection to my LAN

2012-06-24 Thread Lisa Kachold

Hi Mark,

The BEFSX41's were not completely configured for anything but SITE---SITE
VPN.  An IPSEC tunnel to tunnel can be setup evidently to work with a linux
VPN client. where you have a static client IP address (no NAT), but you are
correct, it's a bit of work.

And there are some known issues:
http://homecommunity.cisco.com/t5/Wired-Routers/VPN-works-causes-periodic-freezes-of-BEFSX41/m-p/227179?comm_cc=HSuscomm_lang=en#226944

Version:
Do you have BEFSX41 v1 or v2?  With the most recent firmware, the VPN page
should look like this:
http://ui.linksys.com/files/BEFSX41/1.52.5/Security-VPN-Tunnel-Enabled.htm

Linksys QuickVPN software and cisco VPN client will not work for IPSEC or
this router.  Linksys has instructions for setting up an IPSEC tunnel for
the BEFSX41 (which is all it supports):
http://homesupport.cisco.com/en-us/wireless/lbc/BEFSX41

As you can see, you can, with this router, do passthrough and OpenVPN is so
nice, easy and powerful, I recommend you just use it (rather than try to
configure VPNs from this router) [simply check all three boxes on the
BEFSX41 and save].

OpenVPN Access Server (OpenVPN-AS) is a set of installation and
configuration tools that simplify the rapid deployment of a VPN remote
access solution. It is based on the popular OpenVPN open-source software,
making the deployed VPN immediately compatible with OpenVPN client software
across multiple user platforms.* *The server configurations options
supported are a carefully selected subset of a quite large set of possible
OpenVPN configurations. Thus, OpenVPN Access Server streamlines the
configuration and management of an OpenVPN-based secure remote access
deployment.
You can get OpenVPNAS here (for Ubuntu, Fedora, CentOs and Redhat, as well
as VirtualMachine images):
http://openvpn.net/index.php/download/access-server-downloads.html

To configure OpenVPN client in Linux:
Simply surf to the port you setup for your OpenVPNAS server [usually
80/443] (be sure to port forward as needed) and login with the user name
and password you setup and it will prompt you to download your client for
Linux, OS X, or Windows.

Client configuration instructions for  Sentinel  to BEFSX41: (useful for
setting options in your linux client):
http://www.homenethelp.com/vpn/router-config.asp







 On Jun 24, 2012 1:00 PM, Mark Phillips m...@phillipsmarketing.biz
 wrote:

 I need to take my laptop on several road trips, and I need to connect
 back to my home office LAN - all Debian machines. I am on COX cable with a
 BEFSX41 router. The BEFSX41 has a VPN option that I have never used. What
 do I need to add to my laptop (Debian) to talk to my home office LAN
 securely (ie through a VPN) using my BEFSX41? Obviously, I am a complete
 nube when it comes to setting up VPN access to my LAN. I have googled for
 some recommendations, but I have not found a good reference to follow.

 Thanks,

 Mark






-- 
(503) 754-4452 Android
(623) 239-3392 Skype
(623) 688-3392 Google Voice
**
http://it-clowns.comSafeway.com
Automation Engineer
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Need Help setting up a VPN Connection to my LAN

2012-06-24 Thread Eric Shubert


What's running on your laptop?

With the Shrew Soft VPN client (ike and ide-gtgui on ubuntu) packages, 
you *might* get an IPSec connection going, but NAT on your laptop/remote 
end will likely trip things up. I would recommend steering clear of IPSec.


OpenVPN is the VPN of choice for road warriors. On the home/server end, 
I use IPCop. It's a full featured firewall distro that contains OpenVPN 
(and IPSec) as well as a slew of other features. It will run nicely on 
an old P-III system, with as little as 128M of RAM and a 1G HDD. Find an 
old desktop system that's going to be scrapped, throw a 2nd nic in it, 
and you're ready to roll. You'll need a switch behind it for your 
LAN/Green subnet, but those are dirt cheap as well.


--
-Eric 'shubes'


On 06/24/2012 01:21 PM, Mark Phillips wrote:

Stephen,

Thanksthere are tons of options on the device. But I read that I
need a vpn server on my LAN.other posts say no.Most of the
information I found in forums is several years old, so I thought someone
with more experience than me could point me to a better manual. I read
this http://www.debian-administration.org/articles/489, but again it is
over 5 years old, so perhaps there is a better solution?

This is the manual page from the BEFSX41.I am not completely sure
which options to use. Plus, I assume I may need something running on my
laptop - OpenVPN? Do I need a VPN server on my LAN, or something else,
to be able to login to my different machines?

Mark

*/VPN/**/Passthrough/*

This Router supports IPSec, PPTP, and PPPoE Passthrough. You can select
either*Enable*or*Disable*for these options.



*/VPN/*

*Select Tunnel Entry*- Select the tunnels number you want to set up.

*Delete*- click this to remove any entries made for this tunnel you
selected.

*Summary*- Click this button to display the status of all the tunnels.

*IPSec VPN Tunnel*- Select*Enabled*to create a tunnel or*Disabled*to
close the tunnel.

*Tunnel Name*- Once the tunnel is enabled, enter an arbitrary name for
the tunnel you are about to create.

*Local Secure Group*

This allows you to grant local computer access to this tunnel.

Subnet  This will allow all computers on the local subnet to access the
tunnel. Enter the IP Address and Mask to allow access to the tunnel.
IP Addr.This only allows the local computer with the specified IP
address. Enter the IP address you want to allow access to the tunnel.
IP RangeThis allows a range of local computers to access the tunnel.
Enter the IP address range allowed to access the tunnel.

* Remote Secure Group*

This allows you grant remote computers access to this tunnel.

Subnet  This will allow all computers on the remote subnet to access the
tunnel. Enter the IP Address and Mask to allow access to the tunnel.
IP Addr.This only allows the remote computer with the specified IP
address. Enter the IP address you want to allow access to the tunnel.
IP RangeThis allows a range of remote computers to access the tunnel.
Enter the IP address range allowed to access the tunnel.
HostWhen this is selected, the settings will be the same as the Remote
Security Gateway.
Any This option will allow any IP address from a remote location to
access this tunnel.

* Remote Secure Gateway*

This sets the remote end of the VPN tunnel. You can either specify the
IP address, Domain, or Any.

IP Addr.Enter the IP address of the remote tunnel you will connect.
Domain  This option lets you enter the fully qualified domain name. If
you do not have an IP address, you have an option to enter the domain of
the tunnel you are connecting to.
Any This will will allow any tunnel connection to be established.

*Encryption*

DES Data Encryption Standard (DES) is a type of encryption for this VPN
tunnel. If you select this option, make sure the other end of the tunnel
uses the same encryption type.
3DESTriple Data Encryption Standard (3DES) is a stronger type of
encryption for this VPN Tunnel. If you select this option, make sure the
other end of the tunnel uses the same encryption type.
Disable This option will not encrypt for this tunnel.

*Authentication*

MD5 Message-Digest Algorithm (MD5)- Generates 128-bit message digest
based on the input.  If you select this option, make sure the other end
of the tunnel uses the same authentication type.
SHA Secure Hash Algorithm (SHA)- Generates 160-bit message digest based
on the input.  If you select this option, make sure the other end of the
tunnel uses the same authentication type.
DisabledThis option will not authenticate for this tunnel.

*Key Management*

In order for any encryption to occur, the two ends of the tunnel must
agree on the type of encryption.  This is done by sharing a key to
encrypt code. You can select*Auto (IKE)*or*Manual*.

*Automatic Key Management*

PFS Perfect Forward Secrecy (PFS) ensures that the

Re: Need Help setting up a VPN Connection to my LAN

2012-06-24 Thread Mark Phillips

Thanks for all the comments. Based on what you have said and further
research, I have come to the conlusion...

1. I need to install openvpn on a machine on my lan and on my laptop.
2. I will follow these instructions for installation and configuration -
http://openvpn.net/index.php/open-source/documentation/howto.html#quick
3. Just enable all the vpn options on my BEFSX41 and pray it all
connects...;)

fallbackpurchase a cisco pix 501 and play with that.

Thanks!

Mark
On Sun, Jun 24, 2012 at 3:20 PM, Lisa Kachold lisakach...@obnosis.comwrote:

Hi Mark,

The BEFSX41's were not completely configured for anything but
SITE---SITE VPN. An IPSEC tunnel to tunnel can be setup evidently to
work with a linux VPN client. where you have a static client IP address (no
NAT), but you are correct, it's a bit of work.

And there are some known issues:
http://homecommunity.cisco.com/t5/Wired-Routers/VPN-works-causes-periodic-freezes-of-BEFSX41/m-p/227179?comm_cc=HSuscomm_lang=en#226944

Version:
Do you have BEFSX41 v1 or v2? With the most recent firmware, the VPN page
should look like this:
http://ui.linksys.com/files/BEFSX41/1.52.5/Security-VPN-Tunnel-Enabled.htm

Linksys QuickVPN software and cisco VPN client will not work for IPSEC or
this router. Linksys has instructions for setting up an IPSEC tunnel for
the BEFSX41 (which is all it supports):
http://homesupport.cisco.com/en-us/wireless/lbc/BEFSX41

As you can see, you can, with this router, do passthrough and OpenVPN is
so nice, easy and powerful, I recommend you just use it (rather than try to
configure VPNs from this router) [simply check all three boxes on the
BEFSX41 and save].

OpenVPN Access Server (OpenVPN-AS) is a set of installation and
configuration tools that simplify the rapid deployment of a VPN remote
access solution. It is based on the popular OpenVPN open-source software,
making the deployed VPN immediately compatible with OpenVPN client software
across multiple user platforms.* *The server configurations options
supported are a carefully selected subset of a quite large set of possible
OpenVPN configurations. Thus, OpenVPN Access Server streamlines the
configuration and management of an OpenVPN-based secure remote access
deployment.
You can get OpenVPNAS here (for Ubuntu, Fedora, CentOs and Redhat, as well
as VirtualMachine images):
http://openvpn.net/index.php/download/access-server-downloads.html

To configure OpenVPN client in Linux:
Simply surf to the port you setup for your OpenVPNAS server [usually
80/443] (be sure to port forward as needed) and login with the user name
and password you setup and it will prompt you to download your client for
Linux, OS X, or Windows.

Client configuration instructions for Sentinel to BEFSX41: (useful for
setting options in your linux client):
http://www.homenethelp.com/vpn/router-config.asp

On Jun 24, 2012 1:00 PM, Mark Phillips m...@phillipsmarketing.biz
wrote:

I need to take my laptop on several road trips, and I need to connect
back to my home office LAN - all Debian machines. I am on COX cable with a
BEFSX41 router. The BEFSX41 has a VPN option that I have never used. What
do I need to add to my laptop (Debian) to talk to my home office LAN
securely (ie through a VPN) using my BEFSX41? Obviously, I am a complete
nube when it comes to setting up VPN access to my LAN. I have googled for
some recommendations, but I have not found a good reference to follow.

Thanks,

Mark

--
(503) 754-4452 Android
(623) 239-3392 Skype
(623) 688-3392 Google Voice
**
http://it-clowns.comSafeway.com
Automation Engineer

---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Need Help setting up a VPN Connection to my LAN

2012-06-24 Thread Mark Phillips

Thanks for all the comments. Based on what you have said and further
research, I have come to the conlusion...

fallbackpurchase a cisco pix 501 and play with that.

Thanks!

Mark

On Sun, Jun 24, 2012 at 3:20 PM, Lisa Kachold lisakach...@obnosis.comwrote:

Hi Mark,

And there are some known issues:
http://homecommunity.cisco.com/t5/Wired-Routers/VPN-works-causes-periodic-freezes-of-BEFSX41/m-p/227179?comm_cc=HSuscomm_lang=en#226944

Version:
Do you have BEFSX41 v1 or v2? With the most recent firmware, the VPN page
should look like this:
http://ui.linksys.com/files/BEFSX41/1.52.5/Security-VPN-Tunnel-Enabled.htm

Client configuration instructions for Sentinel to BEFSX41: (useful for
setting options in your linux client):
http://www.homenethelp.com/vpn/router-config.asp

On Jun 24, 2012 1:00 PM, Mark Phillips m...@phillipsmarketing.biz
wrote:

Thanks,

Mark

--
(503) 754-4452 Android
(623) 239-3392 Skype
(623) 688-3392 Google Voice
**
http://it-clowns.comSafeway.com
Automation Engineer

---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Need Help setting up a VPN Connection to my LAN

2012-06-24 Thread Lisa Kachold

Hi Mark,

Just so you know, OpenVPN Access Server, automatically sets up all the
databases, certificates and web management.  It's REALLY EASY SOLID and
simple.  You get something like 3 free licenses.

I don't recommend you mess around with the regular OpenVPN instructions
(as linked below on your response) - unless you are masochistic.

Use these:
http://openvpn.net/index.php/access-server/docs/quick-start-guide.html

Excerpt:

*Linux Distribution:*
You will need to make sure you download the package that corresponds with
the current OS Distro, we currently support these Linux Distros:
- Ubuntu
- RHEL
- Fedora
- CentOS
- Debian (Install Ubuntu Packages for Debian)

Click here to download the OpenVPN Access Server
packageshttp://openvpn.net/index.php/access-server/download-openvpn-as-sw.html


*CPU Architecture:
*You will need to make sure you install the correct package depending on
your CPU Architecture (32bit or 64bit)
*
Installing the OpenVPN-AS Package:
*To Install the OpenVPN-AS package in Ubuntu or Debian you will need to run
this command:

*dpkg -i openvpnasdebpack.deb*

To install the OpenVPN-AS package in CentOS, RHEL, or Fedora you will need
to run this command:

*rpm -i openvpnasrpmpack.rpm*

The Admin Account for OpenVPN-AS needs to be setup through terminal by
doing the following:

Change the password:

passwd openvpn

You will then be prompted to set a password for the user openvpn, after
setting the password you can login to the Admin UI with the Username
openvpn and the password you set.

*Note: In some circumstances for certain configurations you may need to run
the complete ovpn-init script terminal: /usr/local/openvpn_as/bin/ovpn-init*

*Configuring the Admin Web Interface:
*After you have completed the Initial Configuration Tool you should then be
able to access the Admin Web Interface through your preferred web browser.
You should have noticed an link to the Admin Web Interface after you
completed the Initial Configuration Tool, if you missed it you can access
the Admin Web Interface by typing the following in your browsers address
bar: https://openvpnasip/admin https://openvpnasip:943/admin (Please
replace openvpnasip with the IP you allocated to your openvpn-as instance)
https://openvpnasip:943/admin
You can now go ahead and login with your openvpn admin credentials. Once
logged in you will see the following screen:

end excerpt

On Sun, Jun 24, 2012 at 6:08 PM, Mark Phillips
m...@phillipsmarketing.bizwrote:

 Thanks for all the comments. Based on what you have said and further
 research, I have come to the conlusion...

 1. I need to install openvpn on a machine on my lan and on my laptop.
 2. I will follow these instructions for installation and configuration -
 http://openvpn.net/index.php/open-source/documentation/howto.html#quick
 3. Just enable all the vpn options on my BEFSX41 and pray it all
 connects...;)

 fallbackpurchase a cisco pix 501 and play with that.

 Thanks!

 Mark
 On Sun, Jun 24, 2012 at 3:20 PM, Lisa Kachold lisakach...@obnosis.comwrote:

 Hi Mark,

 The BEFSX41's were not completely configured for anything but
 SITE---SITE VPN.  An IPSEC tunnel to tunnel can be setup evidently to
 work with a linux VPN client. where you have a static client IP address (no
 NAT), but you are correct, it's a bit of work.

 And there are some known issues:
 http://homecommunity.cisco.com/t5/Wired-Routers/VPN-works-causes-periodic-freezes-of-BEFSX41/m-p/227179?comm_cc=HSuscomm_lang=en#226944

 Version:
 Do you have BEFSX41 v1 or v2?  With the most recent firmware, the VPN
 page should look like this:
 http://ui.linksys.com/files/BEFSX41/1.52.5/Security-VPN-Tunnel-Enabled.htm

 Linksys QuickVPN software and cisco VPN client will not work for IPSEC or
 this router.  Linksys has instructions for setting up an IPSEC tunnel for
 the BEFSX41 (which is all it supports):
 http://homesupport.cisco.com/en-us/wireless/lbc/BEFSX41

 As you can see, you can, with this router, do passthrough and OpenVPN is
 so nice, easy and powerful, I recommend you just use it (rather than try to
 configure VPNs from this router) [simply check all three boxes on the
 BEFSX41 and save].

 OpenVPN Access Server (OpenVPN-AS) is a set of installation and
 configuration tools that simplify the rapid deployment of a VPN remote
 access solution. It is based on the popular OpenVPN open-source software,
 making the deployed VPN immediately compatible with OpenVPN client software
 across multiple user platforms.* *The server configurations options
 supported are a carefully selected subset of a quite large set of possible
 OpenVPN configurations. Thus, OpenVPN Access Server streamlines the
 configuration and management of an OpenVPN-based secure remote access
 deployment.
 You can get OpenVPNAS here (for Ubuntu, Fedora, CentOs and Redhat, as
 well as VirtualMachine images):
 http://openvpn.net/index.php/download/access-server-downloads.html

 To configure OpenVPN client in Linux:
 Simply surf to the port you

Re: Need Help setting up a VPN Connection to my LAN

2012-06-24 Thread Mark Phillips

Lisa,

Don't I have to pay a license fee for the OpenVPN Access Server? When I
looked on the site, I was prompted to buy a license.

Mark

On Sun, Jun 24, 2012 at 7:09 PM, Lisa Kachold lisakach...@obnosis.comwrote:

 Hi Mark,

 Just so you know, OpenVPN Access Server, automatically sets up all the
 databases, certificates and web management.  It's REALLY EASY SOLID and
 simple.  You get something like 3 free licenses.

 I don't recommend you mess around with the regular OpenVPN instructions
 (as linked below on your response) - unless you are masochistic.

 Use these:
 http://openvpn.net/index.php/access-server/docs/quick-start-guide.html

 Excerpt:

 *Linux Distribution:*
 You will need to make sure you download the package that corresponds with
 the current OS Distro, we currently support these Linux Distros:
 - Ubuntu
 - RHEL
 - Fedora
 - CentOS
 - Debian (Install Ubuntu Packages for Debian)

 Click here to download the OpenVPN Access Server 
 packageshttp://openvpn.net/index.php/access-server/download-openvpn-as-sw.html


 *CPU Architecture:
 *You will need to make sure you install the correct package depending on
 your CPU Architecture (32bit or 64bit)
 *
 Installing the OpenVPN-AS Package:
 *To Install the OpenVPN-AS package in Ubuntu or Debian you will need to
 run this command:

 *dpkg -i openvpnasdebpack.deb*

 To install the OpenVPN-AS package in CentOS, RHEL, or Fedora you will need
 to run this command:

 *rpm -i openvpnasrpmpack.rpm*

 The Admin Account for OpenVPN-AS needs to be setup through terminal by
 doing the following:

 Change the password:

 passwd openvpn

 You will then be prompted to set a password for the user openvpn, after
 setting the password you can login to the Admin UI with the Username
 openvpn and the password you set.

 *Note: In some circumstances for certain configurations you may need to
 run the complete ovpn-init script terminal:
 /usr/local/openvpn_as/bin/ovpn-init*

 *Configuring the Admin Web Interface:
 *After you have completed the Initial Configuration Tool you should then
 be able to access the Admin Web Interface through your preferred web
 browser. You should have noticed an link to the Admin Web Interface after
 you completed the Initial Configuration Tool, if you missed it you can
 access the Admin Web Interface by typing the following in your browsers
 address bar: https://openvpnasip/admin https://openvpnasip:943/admin (Please
 replace openvpnasip with the IP you allocated to your openvpn-as instance)
  https://openvpnasip:943/admin
 You can now go ahead and login with your openvpn admin credentials. Once
 logged in you will see the following screen:

 end excerpt


 On Sun, Jun 24, 2012 at 6:08 PM, Mark Phillips m...@phillipsmarketing.biz
  wrote:

 Thanks for all the comments. Based on what you have said and further
 research, I have come to the conlusion...

 1. I need to install openvpn on a machine on my lan and on my laptop.
 2. I will follow these instructions for installation and configuration -
 http://openvpn.net/index.php/open-source/documentation/howto.html#quick
 3. Just enable all the vpn options on my BEFSX41 and pray it all
 connects...;)

 fallbackpurchase a cisco pix 501 and play with that.

 Thanks!

 Mark
 On Sun, Jun 24, 2012 at 3:20 PM, Lisa Kachold lisakach...@obnosis.comwrote:

 Hi Mark,

 The BEFSX41's were not completely configured for anything but
 SITE---SITE VPN.  An IPSEC tunnel to tunnel can be setup evidently to
 work with a linux VPN client. where you have a static client IP address (no
 NAT), but you are correct, it's a bit of work.

 And there are some known issues:
 http://homecommunity.cisco.com/t5/Wired-Routers/VPN-works-causes-periodic-freezes-of-BEFSX41/m-p/227179?comm_cc=HSuscomm_lang=en#226944

 Version:
 Do you have BEFSX41 v1 or v2?  With the most recent firmware, the VPN
 page should look like this:

 http://ui.linksys.com/files/BEFSX41/1.52.5/Security-VPN-Tunnel-Enabled.htm

 Linksys QuickVPN software and cisco VPN client will not work for IPSEC
 or this router.  Linksys has instructions for setting up an IPSEC tunnel
 for the BEFSX41 (which is all it supports):
 http://homesupport.cisco.com/en-us/wireless/lbc/BEFSX41

 As you can see, you can, with this router, do passthrough and OpenVPN is
 so nice, easy and powerful, I recommend you just use it (rather than try to
 configure VPNs from this router) [simply check all three boxes on the
 BEFSX41 and save].

 OpenVPN Access Server (OpenVPN-AS) is a set of installation and
 configuration tools that simplify the rapid deployment of a VPN remote
 access solution. It is based on the popular OpenVPN open-source software,
 making the deployed VPN immediately compatible with OpenVPN client software
 across multiple user platforms.* *The server configurations options
 supported are a carefully selected subset of a quite large set of possible
 OpenVPN configurations. Thus, OpenVPN Access Server streamlines the
 configuration and management of an OpenVPN-based

Re: Need Help setting up a VPN Connection to my LAN

2012-06-24 Thread Lisa Kachold

No, you don't need a license for OpenVPNAS.

http://openvpn.net/index.php/access-server/docs/admin-guides/218-how-to-activate-your-license-in-openvpn-access-server.html

It comes with a couple licenses - if you buy 10 license for use in a
corporate environment, it's $50.00 bill for a lifetime of security.

See *http://openvpn.net/index.php/access-server/license-key.html*

Register and get your free 2 license community license key:
https://openvpn.net/index.php/component/comprofiler/registers.html

On Sun, Jun 24, 2012 at 7:26 PM, Mark Phillips
m...@phillipsmarketing.bizwrote:

 Lisa,

 Don't I have to pay a license fee for the OpenVPN Access Server? When I
 looked on the site, I was prompted to buy a license.

 Mark


 On Sun, Jun 24, 2012 at 7:09 PM, Lisa Kachold lisakach...@obnosis.comwrote:

 Hi Mark,

 Just so you know, OpenVPN Access Server, automatically sets up all the
 databases, certificates and web management.  It's REALLY EASY SOLID and
 simple.  You get something like 3 free licenses.

 I don't recommend you mess around with the regular OpenVPN instructions
 (as linked below on your response) - unless you are masochistic.

 Use these:
 http://openvpn.net/index.php/access-server/docs/quick-start-guide.html

 Excerpt:

 *Linux Distribution:*
 You will need to make sure you download the package that corresponds with
 the current OS Distro, we currently support these Linux Distros:
 - Ubuntu
 - RHEL
 - Fedora
 - CentOS
 - Debian (Install Ubuntu Packages for Debian)

 Click here to download the OpenVPN Access Server 
 packageshttp://openvpn.net/index.php/access-server/download-openvpn-as-sw.html


 *CPU Architecture:
 *You will need to make sure you install the correct package depending on
 your CPU Architecture (32bit or 64bit)
 *
 Installing the OpenVPN-AS Package:
 *To Install the OpenVPN-AS package in Ubuntu or Debian you will need to
 run this command:

 *dpkg -i openvpnasdebpack.deb*

 To install the OpenVPN-AS package in CentOS, RHEL, or Fedora you will
 need to run this command:

 *rpm -i openvpnasrpmpack.rpm*

 The Admin Account for OpenVPN-AS needs to be setup through terminal by
 doing the following:

 Change the password:

 passwd openvpn

 You will then be prompted to set a password for the user openvpn, after
 setting the password you can login to the Admin UI with the Username
 openvpn and the password you set.

 *Note: In some circumstances for certain configurations you may need to
 run the complete ovpn-init script terminal:
 /usr/local/openvpn_as/bin/ovpn-init*

 *Configuring the Admin Web Interface:
 *After you have completed the Initial Configuration Tool you should then
 be able to access the Admin Web Interface through your preferred web
 browser. You should have noticed an link to the Admin Web Interface after
 you completed the Initial Configuration Tool, if you missed it you can
 access the Admin Web Interface by typing the following in your browsers
 address bar: https://openvpnasip/admin https://openvpnasip:943/admin 
 (Please
 replace openvpnasip with the IP you allocated to your openvpn-as instance)
  https://openvpnasip:943/admin
 You can now go ahead and login with your openvpn admin credentials. Once
 logged in you will see the following screen:

 end excerpt


 On Sun, Jun 24, 2012 at 6:08 PM, Mark Phillips 
 m...@phillipsmarketing.biz wrote:

 Thanks for all the comments. Based on what you have said and further
 research, I have come to the conlusion...

 1. I need to install openvpn on a machine on my lan and on my laptop.
 2. I will follow these instructions for installation and configuration -
 http://openvpn.net/index.php/open-source/documentation/howto.html#quick
 3. Just enable all the vpn options on my BEFSX41 and pray it all
 connects...;)

 fallbackpurchase a cisco pix 501 and play with that.

 Thanks!

 Mark
 On Sun, Jun 24, 2012 at 3:20 PM, Lisa Kachold 
 lisakach...@obnosis.comwrote:

 Hi Mark,

 The BEFSX41's were not completely configured for anything but
 SITE---SITE VPN.  An IPSEC tunnel to tunnel can be setup evidently to
 work with a linux VPN client. where you have a static client IP address (no
 NAT), but you are correct, it's a bit of work.

 And there are some known issues:
 http://homecommunity.cisco.com/t5/Wired-Routers/VPN-works-causes-periodic-freezes-of-BEFSX41/m-p/227179?comm_cc=HSuscomm_lang=en#226944

 Version:
 Do you have BEFSX41 v1 or v2?  With the most recent firmware, the VPN
 page should look like this:

 http://ui.linksys.com/files/BEFSX41/1.52.5/Security-VPN-Tunnel-Enabled.htm

 Linksys QuickVPN software and cisco VPN client will not work for IPSEC
 or this router.  Linksys has instructions for setting up an IPSEC tunnel
 for the BEFSX41 (which is all it supports):
 http://homesupport.cisco.com/en-us/wireless/lbc/BEFSX41

 As you can see, you can, with this router, do passthrough and OpenVPN
 is so nice, easy and powerful, I recommend you just use it (rather than try
 to configure VPNs from this router) [simply check all

Re: Need Help setting up a VPN Connection to my LAN

RE: Need Help setting up a VPN Connection to my LAN

Re: Need Help setting up a VPN Connection to my LAN

Re: Need Help setting up a VPN Connection to my LAN

Re: Need Help setting up a VPN Connection to my LAN

Re: Need Help setting up a VPN Connection to my LAN

Re: Need Help setting up a VPN Connection to my LAN

Re: Need Help setting up a VPN Connection to my LAN

Re: Need Help setting up a VPN Connection to my LAN

Re: Need Help setting up a VPN Connection to my LAN

Re: Need Help setting up a VPN Connection to my LAN

Re: Need Help setting up a VPN Connection to my LAN

12 matches

Site Navigation

Mail list logo

Footer information