Re: [leaf-user] VPN Advice

2011-07-30 Thread n22e113
On 7/30/2011 15:41, KP Kirchdoerfer wrote: > I prefer OpenVPN over ipsec. Works fast and reliable, is adaptable to > different > setups (e.g. access from site to site, or from net to net) and IMHO easier to > setup than ipsec. Hello, kp, Thanks! I will try both OpenVPN and IPSec(OpenSWAN). A real

Re: [leaf-user] VPN Advice

2011-07-30 Thread KP Kirchdoerfer
On Saturday, 30 July 2011, 21:41:49, KP Kirchdoerfer wrote: > 3.x) but "help openvpn" shows proper hints, how to start. According to my own mail from 12 April this year it's in fact "help easyrsa" kp

Re: [leaf-user] VPN Advice

2011-07-30 Thread KP Kirchdoerfer
On Saturday, 30 July 2011, 05:31:02, n22e113 wrote: > Hi, > Need to do multiple VPNs to head office from three different locations: > > +--VPN---USA > > Head_office---VPN---Canada > > +--VPN---China > > All sites will use PC Engines hardware and Leaf. > What's best solution? IPSec? OpenVPN? Op

Re: [leaf-user] VPN Advice

2011-07-30 Thread n22e113
On 7/30/2011 07:11, Erich Titl wrote: > I am running a number of connections just like yours on PCEngines WRAP > and at the central site a Nexcom NSA 1125 as there is more power needed. Hi, Erich, thanks! I am thinking of using PCEngines alix2d13 for all sites: http://www.pcengines.ch/pic/alix.jpg

Re: [leaf-user] VPN Advice

2011-07-30 Thread Erich Titl
Hi on 30.07.2011 05:31, n22e113 wrote: > Hi, > Need to do multiple VPNs to head office from three different locations: > > +--VPN---USA > | > Head_office---VPN---Canada > | > +--VPN---China > > All sites will use PC Engines hardware and Leaf. > What's best solution? IPSec? OpenVPN? OpenSWAN? We

[leaf-user] VPN Advice

2011-07-29 Thread n22e113
Hi, Need to do multiple VPNs to head office from three different locations: +--VPN---USA | Head_office---VPN---Canada | +--VPN---China All sites will use PC Engines hardware and Leaf. What's best solution? IPSec? OpenVPN? OpenSWAN? Thanks, Kwon --

Re: [leaf-user] Vpn 1411 linux driver

2007-07-24 Thread Arne Bernin
If you want to use it for ipsec... For openssl (and with this for openvpn) there should also be a patch to find on the net... --arne > Hi Niko, > > As far as I know, there is not a compiled driver out there that is > ready to use. I haven't looked into it in detail, but as > far as I know, the fol

Re: [leaf-user] Vpn 1411 linux driver

2007-07-24 Thread Arne Bernin
On Tue, 2007-07-24 at 16:53 -0400, Niko Kacikanis wrote: Hi Niko, As far as I know, there is not a compiled driver out there that is ready to use. I haven't looked into it in detail, but as far as I know, the following 2 steps would be needed: - Compile a custom kernel with the ocf patch for the

[leaf-user] Vpn 1411 linux driver

2007-07-24 Thread Niko Kacikanis
Hi Guys, I have set up Soekris 4811 board with LEAF firewall. I am looking for VPN 1411 linux driver for this board. Any information will be greatly appreciated

Re: [leaf-user] VPN name resolution?

2007-02-07 Thread Doug Sampson
> > I tested from home. Here's what happened when I input nslookup: > > > > C:\Documents and Settings\Doug>nslookup > > *** Can't find server name for address 10.8.0.1: No > response from server > > *** Can't find server name for address 192.168.1.254: No > response from > > server > > *** Can't

Re: [leaf-user] VPN name resolution?

2007-02-07 Thread Erich Titl
Hi Doug Doug Sampson wrote: What do I need to do in order to get names resolved on all >>> openVPN clients? The following are possibilities but I would like to gather >>> feedback from you guys first. >>> Make your DNS server accessible from the VPN client. >>> >>> - You push 2

Re: [leaf-user] VPN name resolution?

2007-02-07 Thread Doug Sampson
> > > What do I need to do in order to get names resolved on all > > openVPN clients? > > > The following are possibilities but I would like to gather > > feedback from you > > > guys first. > > > > Make your DNS server accessible from the VPN client. > > > > - You push 2 dhcp options to the cl

Re: [leaf-user] VPN name resolution?

2007-02-06 Thread Doug Sampson
> > What do I need to do in order to get names resolved on all > openVPN clients? > > The following are possibilities but I would like to gather > feedback from you > > guys first. > > Make your DNS server accessible from the VPN client. > > - You push 2 dhcp options to the client, are they act

Re: [leaf-user] VPN name resolution?

2007-02-06 Thread Erich Titl
Doug Doug Sampson wrote: .. > > > > What do I need to do in order to get names resolved on all openVPN clients? > The following are possibilities but I would like to gather feedback from you > guys first. Make your DNS server accessible from the VPN client. - You push 2 dhcp options to the cl

[leaf-user] VPN name resolution?

2007-02-06 Thread Doug Sampson
I've been running OpenVPN on our Bering 2.4.2 firewall for some time now. However, I have never been able to resolve FQDNs running as clients so I've been using HOSTS files in place. I would like to see if I could get around this limitation as this requires maintenance of these HOSTS files from tim

Re: [leaf-user] VPN: NAT Traversal will not work

2005-08-30 Thread Tom Eastep
Charles Steinkuehler wrote: > > This could be caused by routing issues, firewall issues (make sure you're > allowing protocols 50/51 as well as UDP port 500, which sets up the SA), > configuration issues (it can be tricky to understand how IPSec interacts > with standard routing on linux). > And

Re: [leaf-user] VPN: NAT Traversal will not work

2005-08-30 Thread Charles Steinkuehler
Stephen More wrote: | | On 11/14/04, *Charles Steinkuehler* <[EMAIL PROTECTED] | > wrote: | - If you're trying to use the Linksys IPSec 'passthrough' mode, you would | *NOT* use nat_traversal (ie: they're two different solut

[leaf-user] vpn won't disconnect

2005-01-16 Thread Richard Saunders
G'day peoples, I'm using Bering 1.2 with Freeswan. I have a VPN between 2 offices (Brisbane and Kawana) using rsa keys and this works perfectly. I am trying to set up a my winXP machine at home to connect to the Brisbane office using certificates over a dial up connection. I'm using the ebootis

Re: [leaf-user] VPN: NAT Traversal will not work

2004-11-14 Thread Charles Steinkuehler
Timothy J. Massey wrote: Hello! This is the *last* thing I need to work, and I'm ready to take over the world! Or something... I've got multiple subnet-to-subnet and subnet-to-host IPSec tunnels working, with both plain RSA keys as well as certs. I've tested it with Leaf firewall clients, Win

[leaf-user] VPN: NAT Traversal will not work

2004-11-13 Thread Timothy J. Massey
Hello! This is the *last* thing I need to work, and I'm ready to take over the world! Or something... I've got multiple subnet-to-subnet and subnet-to-host IPSec tunnels working, with both plain RSA keys as well as certs. I've tested it with Leaf firewall clients, Windows 2000 IPSec client an

Re: SOLVED: [leaf-user] VPN Tunnel up but *no* traffic across connection

2004-11-12 Thread Tom Eastep
Timothy J. Massey wrote: Why wouldn't the IPSec tunnels not have a *higher* priority than the interface routes? That doesn't make sense to me. It's pretty nonsensical all right and is one of the reasons that there is a policy-based IPSEC implementation in the 2.6 Linux kernel. The old implement

SOLVED: [leaf-user] VPN Tunnel up but *no* traffic across connection

2004-11-12 Thread Timothy J. Massey
"Peter Mueller" <[EMAIL PROTECTED]> wrote on 11/12/2004 12:42:27 PM: > > left=68.208.33.25 > > leftsubnet=10.154.16.0/22 > > > rightsubnet=10.154.16.0/255.255.252.0 > > (If I'm reading this correctly..) > In left's view, 10.154.16.0/.252 is owned by left. Ipsec routes get a lower > ro

RE: [leaf-user] VPN Tunnel up but *no* traffic across connection?

2004-11-12 Thread Peter Mueller
> left=68.208.33.25 > leftsubnet=10.154.16.0/22 > rightsubnet=10.154.16.0/255.255.252.0 (If I'm reading this correctly..) In left's view, 10.154.16.0/.252 is owned by left. Ipsec routes get a lower route priority than local interface routes. Therefore, traffic won't bother to traver

Re: [leaf-user] VPN Tunnel up but *no* traffic across connection?

2004-11-12 Thread Charles Steinkuehler
Timothy J. Massey wrote: Hello! I have created a certificate-based tunnel between a Leaf firewall and a Windows client using either the Windows 2000 VPN tool (http://vpn.ebootis.de/) or SSH Sentinel. In both cases, the client software establishes the connection, and according to Leaf's auth.log

[leaf-user] VPN Tunnel up but *no* traffic across connection?

2004-11-12 Thread Timothy J. Massey
Hello! I have created a certificate-based tunnel between a Leaf firewall and a Windows client using either the Windows 2000 VPN tool (http://vpn.ebootis.de/) or SSH Sentinel. In both cases, the client software establishes the connection, and according to Leaf's auth.log, the tunnel is 100% est

Re: [leaf-user] VPN with ipsec

2004-10-22 Thread Charles Steinkuehler
I have a couple of problems with your configuration...comments inline. theoleyre fabrice wrote: I have a Leaf box with Bering-uclib-2.2 I want to set up VPN tunnels for road warriors (win2k, linux). My configuration is as follows : Client -- Router(NAT) -- Internet -- Leaf (VPNs) I test this c

[leaf-user] VPN with ipsec

2004-10-22 Thread theoleyre fabrice
I have a Leaf box with Bering-uclib-2.2 I want to set up VPN tunnels for road warriors (win2k, linux). My configuration is as follows : Client -- Router(NAT) -- Internet -- Leaf (VPNs) I test this configuration with a client without NAT. All works (authentication with a CA and x509 certif

Re: [leaf-user] VPN with ipsec

2004-10-19 Thread Fabrice Theoleyre
If nothing else is required to support NAT in the leafbox, I think the problem must come from the winxp client. I will inspect the log of one of the winxp clients this evening and tell you if I find something interesting. I believed that winxp SP2 supports ipsec with NAT. Is a configuration requ

Re: [leaf-user] VPN with ipsec

2004-10-19 Thread Charles Steinkuehler
theoleyre fabrice wrote: Hi, I installed a vpn server on my leaf box for the road warriors connections : _ __ | Client (winxp)| --- | Internet |-| Leaf Berring Uclib 2.2 | || |__| |_

[leaf-user] VPN with ipsec

2004-10-19 Thread theoleyre fabrice
Hi, I installed a vpn server on my leaf box for the road warriors connections : _ __ | Client (winxp)| --- | Internet |-| Leaf Berring Uclib 2.2 | || |__| |___| I use ipsec, ipsecx

Re: [leaf-user] vpn thru dachstein - Solution Found!!

2004-07-07 Thread LaRoy McCann
I finally figured out what I was missing. I had to add a line to ipfilter.conf to allow protocol 47 to pass from eth2 to eth0. " $IPCH -A forward -j ACCEPT -p 47 -s $DMZ_SRC -d 0/0 -i $EXTERN_IF " What a learning experience LaRoy McCann At 08:27 AM 7/7/2004, you wrote: Charles, I have been ou

Re: [leaf-user] vpn thru dachstein

2004-07-07 Thread LaRoy McCann
Charles, I have been out of town for a couple of weeks, but here is what I found out about my vpn situation. The vpn is Microsoft vpn (pptp). I ran tcpdump on both interfaces, eth0 and eth2. At first I did not have port 1723 open. I opened that and the traffic got farther along. It looks lik

Re: [leaf-user] vpn thru dachstein

2004-06-17 Thread LaRoy McCann
Charles, I am sorry for not giving any detail about where the client was connected, but you hit the nail on the head. I am a local ISP and I am using the fire wall between my provider (Sprint) and the rest of my network. I do have 3 cards, but I am not using the internal network interface. Ju

Re: [leaf-user] vpn thru dachstein

2004-06-17 Thread Charles Steinkuehler
LaRoy McCann wrote: I have a dachstein proxy arp firewall in place. Do I have to setup ipsec or freeswan or something like that to have a windows client be able to vpn to an outside network, or should that be transparent thru the firewall? Client is on the proxy arped side and is trying to conne

[leaf-user] vpn thru dachstein

2004-06-14 Thread LaRoy McCann
I have a dachstein proxy arp firewall in place. Do I have to setup ipsec or freeswan or something like that to have a windows client be able to vpn to an outside network, or should that be transparent thru the firewall? Client is on the proxy arped side and is trying to connect using windows vp

Re:[leaf-user] vpn capability router

2004-05-19 Thread Doug Hite
From: "Doug Hite" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]> Subject: Re:[leaf-user] vpn capability router Date: Thu, 06 May 2004 08:04:48 -0500 Well, the most obvious way to tell it is working is that the network subnets that are being connected can com

Re:[leaf-user] vpn capability router

2004-05-19 Thread chiew yock sang
Are u trying to say that without vpn, the network segment wouldn't be able to ping to another network segment? thanks! From: "Doug Hite" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]> Subject: Re:[leaf-user] vpn capability router Date: Thu, 06

Re:[leaf-user] vpn capability router

2004-05-11 Thread Ray Olszewski
At 11:54 AM 5/11/2004 +0800, chiew yock sang wrote: I've setup a router with the following IP, 192.168.1.254 and 160.1.4.1 which connect to computer A (192.168.1.200) and computer B (160.1.4.200). A is able to ping to B but B isn't able to ping to A (not to mention, B also can't ping to 19

Re:[leaf-user] vpn capability router

2004-05-10 Thread chiew yock sang
ng successfully? Another question is, is the router can't ping address other than its own IP? Coz when i tried to ping the A, the message operation not permitted is given Please help me. thanks From: "Doug Hite" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Subject: Re:[leaf

Re:[leaf-user] vpn capability router

2004-05-06 Thread Doug Hite
<[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Subject: Re:[leaf-user] vpn capability router Date: Wed, 05 May 2004 09:01:42 -0500 If I were pressed on time, I would do this - Use Bering 1.2 stock. Set up 1 router, and get it working. add the ifconfig and openvpn packages as found here - h

Re:[leaf-user] vpn capability router

2004-05-06 Thread Doug Hite
ve setup a router and it is working now From: "Doug Hite" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Subject: Re:[leaf-user] vpn capability router Date: Wed, 05 May 2004 09:01:42 -0500 If I were pressed on time, I would do this - Use Bering 1.2 stock. Set up 1 router, and g

[leaf-user] vpn capability router

2004-05-05 Thread hey poh
What is the difference between IPSec and openVPN. Which one is easier to configure? I also want to do a VPN capability router. Do I need to configure the client in order to get this router work?

Re:[leaf-user] vpn capability router

2004-05-05 Thread Doug Hite
If I were pressed on time, I would do this - Use Bering 1.2 stock. Set up 1 router, and get it working. add the ifconfig and openvpn packages as found here - http://leaf.sourceforge.net/devel/jnilo/bering/latest/packages/ http://lrp.steinkuehler.net/Packages.htm add tun.o as found here - http:/

Re: [leaf-user] vpn capability router

2004-05-05 Thread Erich Titl
Hi At 12:12 05.05.2004 +0800, chiew yock sang wrote: >I'm currently studying, my lecturer asked me to do a router with VPN capability with >floppy disk(s). I have tried for quite long and still haven't got the result. I don't >know what has gone wrong. > >Can anyone show me the proper way to sta

[leaf-user] vpn capability router

2004-05-04 Thread chiew yock sang
I'm currently studying, my lecturer asked me to do a router with VPN capability with floppy disk(s). I have tried for quite long and still haven't got the result. I don't know what has gone wrong. Can anyone show me the proper way to start? I'm willing to start all over again to make sure I'm i

RE: [leaf-user] VPN Suggestions?

2004-03-17 Thread Jorn Eriksen
Eriksen Cc: [EMAIL PROTECTED] Subject: Re: [leaf-user] VPN Suggestions? > -Original Message- > > I'd like to implement a VPN at work (seems to be the in thing to do); I don't > really so much want encryption (but I'll take it :-) as better user > authentication

Re: [leaf-user] VPN Suggestions?

2004-03-17 Thread Martin Hejl
Nachman Yaakov Ziskind wrote: I'd like to implement a VPN at work (seems to be the in thing to do); I don't really so much want encryption (but I'll take it :-) as better user authentication (right now, I use TCP Wrappers and firewall rules to keep out undesirables; this is becoming more and more

Re: [leaf-user] VPN Suggestions?

2004-03-17 Thread Nachman Yaakov Ziskind
> -Original Message- > > I'd like to implement a VPN at work (seems to be the in thing to do); I don't > really so much want encryption (but I'll take it :-) as better user > authentication (right now, I use TCP Wrappers and firewall rules to keep out > undesirables; this is becoming more

RE: [leaf-user] VPN Suggestions?

2004-03-17 Thread Jorn Eriksen
- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Nachman Yaakov Ziskind Sent: Tuesday, March 09, 2004 8:18 PM To: [EMAIL PROTECTED] Subject: [leaf-user] VPN Suggestions? I'd like to implement a VPN at work (seems to be the in thing to do); I don't really so much want encry

[leaf-user] VPN Suggestions?

2004-03-16 Thread Nachman Yaakov Ziskind
I'd like to implement a VPN at work (seems to be the in thing to do); I don't really so much want encryption (but I'll take it :-) as better user authentication (right now, I use TCP Wrappers and firewall rules to keep out undesirables; this is becoming more and more unworkable as folks wish to co

RE: [leaf-user] VPN gateway

2004-01-21 Thread Alex Rhomberg
> Hello, list. Hello Brent Please use a subject line to provide some information > I'm going to be setting up a Bering box to allow VPN access to our > corporate network by our travelling sales force. I have two questions: > > 1) Are the encryption-offloading features of NICs like the Intel Pro

RE: [leaf-user] VPN shorewall options

2003-11-18 Thread Tom Eastep
On Tue, 2003-11-18 at 13:03, Troy Aden wrote: > I think there may be a bug in Bering-uClibc_2.0-rc2. I am currently still > working through this IPSec configuration and I discovered the following > warning when IPSec loads on boot up: > > >snip > > /proc/sys/ne

RE: [leaf-user] VPN shorewall options

2003-11-18 Thread Troy Aden
>>>>>>>> But the only way I can set this value to zero is to manually go into /proc/sys/net/ipv4/conf/eth0/rp_filter and set the value to zero. After I do this and do a full backup of Bering (the "all Except log" 'L' option) and reboot. The changes have n

RE: [leaf-user] VPN shorewall options

2003-11-17 Thread Erich Titl
Troy At 19:45 16.11.2003 -0600, Troy Aden wrote: Hello yet again, Sorry to be a bother. I have searched the Freeswan docs for any reference to the fswcert command with no luck. I need to know what command I should be using instead of the fswcert command. I did find a reference to it here http://c

RE: [leaf-user] VPN shorewall options

2003-11-16 Thread Troy Aden
of the imagination and I have to get this working in short order. I hope someone can help me out. Thanks in advance! Troy -Original Message- From: Erich Titl [mailto:[EMAIL PROTECTED] Sent: Thursday, November 13, 2003 5:02 PM To: Troy Aden; Leaf-User (E-mail) Subject: RE: [leaf-user] VPN

RE: [leaf-user] VPN shorewall options

2003-11-13 Thread Erich Titl
Troy At 21:35 13.11.2003, Troy Aden wrote: Thanks for getting back to me. I have run into problems with one command in the IPSec procedure. >>>Snip>>> Make your ipsec server certificate # openssl req -newkey rsa:2048 -keyout serverKey.pem -out serverReq.pe

RE: [leaf-user] VPN shorewall options

2003-11-13 Thread Troy Aden
need Freeswan installed on my Mandrake box. I did do some searching and found an RPM for Freeswan on Mandrake Linux. But even after running the RPM, I still can't use the fswcert command... Can anyone please tell me what I am missing here? Like I said, I am new to this configuration and any

Re: [leaf-user] VPN shorewall options

2003-11-13 Thread K.-P. Kirchdörfer
On Wednesday, 12 November 2003 19:06, Troy Aden wrote: > I am looking into the best way to set up a constant encrypted tunnel > connection between two sites. (An office here and another office at a > remote location.) > Before I dive headlong into this I was hoping that some LEAF users out > there

[leaf-user] VPN shorewall options

2003-11-12 Thread Troy Aden
I am looking into the best way to set up a constant encrypted tunnel connection between two sites. (An office here and another office at a remote location.) Before I dive headlong into this I was hoping that some LEAF users out there might be able to give me some advice as to what is the best optio

RE: [leaf-user] VPN <--> VPN issues

2003-09-15 Thread Alex Rhomberg
> I am running into a strange VPN problem between our offices here and in a > second location. > Here is the configuration. > > (Site1) VPN client --> Firewall <--> Internet <--> Firewall --> > VPN client > (Site 2) -will not allow a second VPN connection to site 1! Why? Do you use NAT/Masquerad

[leaf-user] VPN <--> VPN issues

2003-09-15 Thread Troy Aden
Hello all! I am running into a strange VPN problem between our offices here and in a second location. Here is the configuration. (Site1) VPN client --> Firewall <--> Internet <--> Firewall --> VPN client (Site 2) -will not allow a second VPN connection to site 1! Why? (I am terrible at ASCII art

Re: [leaf-user] VPN Setup

2003-07-31 Thread Charles Steinkuehler
Mike Koceja wrote: Charles, Thank-you for your help in this matter. I downloaded the kernel you suggested and replaced my existing one with it. I still am unable to connect to my work lan using an ipsec vpn client. Do I need to add the address I am connecting to as a "trusted" site somewhere? Have

Re: [leaf-user] VPN Setup

2003-07-30 Thread Mike Koceja
Charles, Thank-you for your help in this matter. I downloaded the kernel you suggested and replaced my existing one with it. I still am unable to connect to my work lan using an ipsec vpn client. Do I need to add the address I am connecting to as a "trusted" site somewhere? --- Charles Steinkueh

Re: RE: [leaf-user] VPN security issue? Slightly O/T...

2003-07-30 Thread tmassey
[EMAIL PROTECTED] wrote on 07/30/2003 01:15:48 AM: > That's the real threat. Granted, maybe not the entire net, but a far > larger portion than you'd like to think is healthy. I have never been more scared for my Internet security than the day that my cable modem was installed. I had an Et

Re: RE: [leaf-user] VPN security issue? Slightly O/T...

2003-07-29 Thread George Metz
or you. That's the real threat. Granted, maybe not the entire net, but a far larger portion than you'd like to think is healthy. George Metz - Original Message - From: Eric B Kiser <[EMAIL PROTECTED]> Date: Tuesday, July 29, 2003 7:42 pm Subject: RE: [leaf-user] VPN security

RE: [leaf-user] VPN security issue? Slightly O/T...

2003-07-29 Thread Eric B Kiser
3 6:38 PM > To: [EMAIL PROTECTED] > Subject: Re: [leaf-user] VPN security issue? Slightly O/T... > > On Tuesday 29 July 2003 04:53 pm, Alex Rhomberg wrote: > > > It's fairly straightforward. Let's say you've got a machine on the > > > internet with noth

RE: [leaf-user] VPN security issue? Slightly O/T...

2003-07-29 Thread Craig Caughlin
Hi folks, Hey Lynn, I like your response, "you can't run a VPN w/o internet access can you? :)" I guess what I really meant was that it's my understanding that the security risk lies in being able to connect to your remote network via VPN (of course), and still being able to browse the internet as

Re: [leaf-user] VPN security issue? Slightly O/T...

2003-07-29 Thread Lynn Avants
On Tuesday 29 July 2003 04:53 pm, Alex Rhomberg wrote: > > It's fairly straightforward. Let's say you've got a machine on the > > internet with nothing between you and the 'net. You're running with a > > public IP(I'm gonna use a private, so just pretend) of 172.16.8.1 on > > your machine, and you'

RE: [leaf-user] VPN security issue? Slightly O/T...

2003-07-29 Thread Alex Rhomberg
> It's fairly straightforward. Let's say you've got a machine on the > internet with nothing between you and the 'net. You're running with a > public IP(I'm gonna use a private, so just pretend) of 172.16.8.1 on > your machine, and you're connected to a VPN. Routing is also turned on > on this par

RE: [leaf-user] VPN security issue? Slightly O/T...

2003-07-29 Thread Eric B Kiser
Well said, thanks George. Eric > -Original Message- > From: [EMAIL PROTECTED] [mailto:leaf-user- > [EMAIL PROTECTED] On Behalf Of George Metz > Sent: Tuesday, July 29, 2003 9:56 AM > To: Craig Caughlin > Cc: LEAF (LEAF) > Subject: Re: [leaf-user] VPN securit

Re: [leaf-user] VPN security issue? Slightly O/T...

2003-07-29 Thread George Metz
Craig Caughlin wrote: Hi Eric, Thanks for the response. I think I'm like Alex, I don't quite understand what you mean when you say "Then the entire Internet gets access to the other side of your VPN without having to compromise your system." Could you explain that a little bit? Thank you. It's fair

RE: [leaf-user] VPN security issue? Slightly O/T...

2003-07-29 Thread Craig Caughlin
Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Eric B Kiser Sent: Monday, July 28, 2003 8:23 PM To: 'LEAF (LEAF)' Subject: RE: [leaf-user] VPN security issue? Slightly O/T... It gets even worse if routing is turned ON. Then the entire Internet ge

RE: [leaf-user] VPN security issue? Slightly O/T...

2003-07-28 Thread Alex Rhomberg
> It gets even worse if routing is turned ON. Then the entire Internet > gets access to the other side of your VPN without having to compromise > your system. That's interesting. How would they do that? Wouldn't they first have to get a packet with destination address on the VPN to my machine? Thi

RE: [leaf-user] VPN security issue? Slightly O/T...

2003-07-28 Thread Eric B Kiser
- > -Original Message- > From: [EMAIL PROTECTED] [mailto:leaf-user- > [EMAIL PROTECTED] On Behalf Of Scott > Sent: Monday, July 28, 2003 6:47 PM > To: Craig Caughlin; LEAF (LEAF) > Subject: Re: [leaf-user] VPN security issue? Slightly O/T... >

Re: [leaf-user] VPN security issue? Slightly O/T...

2003-07-28 Thread Scott
<[EMAIL PROTECTED]> Sent: Monday, July 28, 2003 3:35 PM Subject: [leaf-user] VPN security issue? Slightly O/T... > Hi folks, > I seem to remember a while back reading somewhere (likely either here at > the newsgroup or perhaps a Microsoft security bulletin?) that it's a >

[leaf-user] VPN security issue? Slightly O/T...

2003-07-28 Thread Craig Caughlin
Hi folks, I seem to remember a while back reading somewhere (likely either here at the newsgroup or perhaps a Microsoft security bulletin?) that it's a SIGNIFICANT security problem if you have an active VPN connection on a given box and can browse the internet at the same time. It was my understand

Re: [leaf-user] VPN: How to establish connection with .p12?

2003-07-28 Thread Erich Titl
Tim you may also want to look into http://www.drh-consultancy.demon.co.uk/pkcs12faq.html At 17:14 25.07.2003 -0400, [EMAIL PROTECTED] wrote: ... My biggest problem right now is how to set up Bering to accept the certificates. With SSH Sentinel, I have been given a single .p12 file. With that,

[leaf-user] VPN: How to establish connection with .p12?

2003-07-25 Thread tmassey
Hello! Short version: How do I turn a single .P12 file that works fine with SSH Sentinel into the files that Bering/SuperFreeS/Wan 1.99 expect to work with? I believe that these would be cacert.pem, crl.pem and x509cert.der, though maybe another collection of files will work as well. Long v

[leaf-user] VPN advice - What's your opinion?

2003-07-18 Thread Craig Caughlin
Hi folks, I'm trying to sort out in my mind my options for VPN access. I have my simple home LAN (2 Windows boxes behind a Bering 1.2 box) that needs to access other Windows based LANs via VPN using IPSec (not PPTP), one of the LANs is behind a Cisco router and the other behind a Windows ISA server

Re: [leaf-user] VPN Setup

2003-07-18 Thread Charles Steinkuehler
Mike Koceja wrote: You are correct I am trying to establish a vpn connection using a pc located behind the firewall to a remote network. I have loaded the VPN masquerade "helper" ip_masq_ipsec. This hasn't helped though. I did start with a floppy version of the firewall which I altered to boot from

Re: [leaf-user] VPN Setup

2003-07-17 Thread Charles Steinkuehler
Mike Koceja wrote: Hello, I actually sent an E-MAIL concerning this sometime ago so I apologize for not replying to anyone who offered advice. I'm trying to get a VPN connection to my worksite to function through the Dachstein Firewall. I downloaded the following files... ifconfig.lrp ipsec.lrp ip

Re: [leaf-user] VPN Setup

2003-07-17 Thread eric wolzak
in syslinux.cfg after LRP=. Regards Eric Wolzak member of the bering crew. -Original Message- From: Mike Koceja <[EMAIL PROTECTED]> To: leaf <[EMAIL PROTECTED]> Date: Thursday, 17 July 2003 05:00 Subject: [leaf-user] VPN Setup >Hello, > >I actually sen

[leaf-user] VPN Setup

2003-07-16 Thread Mike Koceja
Hello, I actually sent an E-MAIL concerning this sometime ago so I apologize for not replying to anyone who offered advice. I'm trying to get a VPN connection to my worksite to function through the Dachstein Firewall. I downloaded the following files... ifconfig.lrp ipsec.lrp ipsec509.lrp mawk.l

Re: [leaf-user] VPN solution needed

2003-07-02 Thread Lynn Avants
On Tuesday 01 July 2003 04:32 pm, JamesSturdevant wrote: > I am looking for VPN solutions to connect my classroom to my home network. > Most of the VPN software indicates that you need to have control of the end > points. I do not. I have control of the Mandrake system and the LEAF system > shown b

Re: [leaf-user] VPN solution needed

2003-07-01 Thread Reginald R. Richardson
try openvpn or vtun available at http://leaf.sourceforge.net/devel/jnilo - Original Message - From: "JamesSturdevant" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, July 01, 2003 23:32 Subject: [leaf-user] VPN solution needed > I am looking for VP

[leaf-user] VPN solution needed

2003-07-01 Thread JamesSturdevant
I am looking for VPN solutions to connect my classroom to my home network. Most of the VPN software indicates that you need to have control of the end points. I do not. I have control of the Mandrake system and the LEAF system shown below. Is there software available to establish a VPN between LEAF

Re: [leaf-user] VPN

2003-06-08 Thread Lynn Avants
On Friday 06 June 2003 08:20 am, Mike Koceja wrote: > I'm new to leaf. I'm used to cisco. I'm using a vpn > connection to access my work lan. How do I enter a > trusted IP into the leaf firewall? What variant/version of LEAF are you using? To access the LEAF box? To allow traffic through the firew

[leaf-user] VPN

2003-06-06 Thread Mike Koceja
I'm new to leaf. I'm used to cisco. I'm using a vpn connection to access my work lan. How do I enter a trusted IP into the leaf firewall?

Re: [leaf-user] VPN local to remote-dmz

2003-06-05 Thread M Lu
0.0.0/0 vpnRW2 ipsec0:0.0.0.0/0 << additional Road-Warrior Thank you. M Lu. - Original Message - From: "Tom Eastep" <[EMAIL PROTECTED]> To: "M Lu" <[EMAIL PROTECTED]> Cc: "LEAF user list" <[EMAIL PROTECTED]> Sent

Re: [leaf-user] VPN local to remote-dmz

2003-05-31 Thread Tom Eastep
On Fri, 30 May 2003 08:21:00 -0700, M Lu <[EMAIL PROTECTED]> wrote: Thanks a lot, Tom. - The 2 subnet-subnet tunnels work perfectly following your instructions. - Now if I would like to add a road-warrior, could I just expand your instructions further as follow? In /etc/shorewall/zones I have

Re: [leaf-user] VPN local to remote-dmz

2003-05-31 Thread M Lu
> Sent: Tuesday, May 27, 2003 2:51 PM Subject: Re: [leaf-user] VPN local to remote-dmz > On Tue, 27 May 2003 14:28:06 -0700, M Lu <[EMAIL PROTECTED]> wrote: > > > Thank you Tom, > > > > It seems straightforward to add another connection (my-local - his-dmz) in >

Re: [leaf-user] VPN local to remote-dmz

2003-05-27 Thread Tom Eastep
On Tue, 27 May 2003 14:28:06 -0700, M Lu <[EMAIL PROTECTED]> wrote: Thank you Tom, It seems straightforward to add another connection (my-local - his-dmz) in 'ipsec.conf' but I do not know how to add another zone and associate it in '/etc/shorewall/interfaces'. Say I have second zone in '/etc/sho

Re: [leaf-user] VPN local to remote-dmz

2003-05-27 Thread M Lu
om: "Tom Eastep" <[EMAIL PROTECTED]> To: "M Lu" <[EMAIL PROTECTED]> Cc: "LEAF user list" <[EMAIL PROTECTED]> Sent: Tuesday, May 27, 2003 8:47 AM Subject: Re: [leaf-user] VPN local to remote-dmz > On Fri, 23 May 2003 13:08:37 -0700, M Lu <[EMAIL

Re: [leaf-user] VPN local to remote-dmz

2003-05-27 Thread Tom Eastep
On Fri, 23 May 2003 13:08:37 -0700, M Lu <[EMAIL PROTECTED]> wrote: Hi, My friend and me both use Bering router 1.1. I have a VPN subnet-subnet from my local-subnet (192.168.9.x) to his local-subnet (192.168.5.x) . He has DMZ (192.168.2.x) and if I want to access his DMZ from my local-subnet,

Re: [leaf-user] VPN

2003-03-11 Thread Homer Parker
On Tue, 11 Mar 2003 23:29:57 +0100 Erich Titl <[EMAIL PROTECTED]> wrote > I have set up a simulation of such a set up recently, I used a cable to > simulate the wireless segment (no wireless cards for the moment), but I > believe this should not make a difference. > > You might want to show

Re: [leaf-user] VPN

2003-03-11 Thread Erich Titl
Homer Homer Parker wrote the following at 22:00 11.03.2003: Trying to implement a VPN, and having a minor blockage in my thought process. Running Bering 1.0 as the router in the following layout: Internet - eth0 firewall eth1 - wireless - eth0 router eth1 - LAN2

[leaf-user] VPN

2003-03-11 Thread Homer Parker
Trying to implement a VPN, and having a minor blockage in my thought process. Running Bering 1.0 as the router in the following layout: Internet - eth0 firewall eth1 - wireless - eth0 router eth1 - LAN2 |10.0.1.0/24

RE: [leaf-user] vpn with dynamic ip (long)

2003-02-25 Thread Matthew Pozzi
nal Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of K.-P. > Kirchdörfer > Sent: Tuesday, 25 February 2003 11:15 PM > To: [EMAIL PROTECTED]; Lynn Avants; > [EMAIL PROTECTED] > Subject: Re: [leaf-user] vpn with dynamic ip (long) > > > Am Montag, 24

Re: [leaf-user] vpn with dynamic ip (long)

2003-02-25 Thread K.-P. Kirchdörfer
On Monday, 24 February 2003 20:15, Lynn Avants wrote: > On Monday 24 February 2003 11:23 am, K.-P. Kirchdörfer wrote: > > > > e) tunnels > > add the tunnels for net-net and gate-gate > > ipsec net 0.0.0.0/0 vpn,vgw > > > > > Is this setup esp. shorewall changes secure
