VPN solution

VPN solution

Post by Tim Fran » Thu, 28 Jun 2001 07:51:08



Hi,
        Me and my friend both have cable modems, home linux-based MASQ'd lans,
and live across town. I looked but did not find any info on creating a
VPN between our networks. Ideally, there would be a encrypted link between
our two servers. We would like to be able to share NFS mounts, and Samba
mounts. Security is of medium concern, it's not vital, but I don't want to
get sued for having my MP3 collection open to the world. =]
        Has anyone done something like this? Or does anyone know where I
can find some info on setting this up?

Thanx,
Tim

 
 
 

VPN solution

Post by Michael Heimin » Thu, 28 Jun 2001 08:23:42



> Hi,
>         Me and my friend both have cable modems, home linux-based MASQ'd lans,
> and live across town. I looked but did not find any info on creating a
> VPN between our networks. Ideally, there would be a encrypted link between
> our two servers. We would like to be able to share NFS mounts, and Samba
> mounts. Security is of medium concern, it's not vital, but I don't want to
> get sued for having my MP3 collection open to the world. =]
>         Has anyone done something like this? Or does anyone know where I
> can find some info on setting this up?

> Thanx,
> Tim

www.freeswan.org

Michael

 
 
 

VPN solution

Post by Dean Thompso » Thu, 28 Jun 2001 09:42:30


Hi Tim,

Quote:> Me and my friend both have cable modems, home linux-based MASQ'd lans,
> and live across town. I looked but did not find any info on creating a
> VPN between our networks. Ideally, there would be a encrypted link between
> our two servers. We would like to be able to share NFS mounts, and Samba
> mounts. Security is of medium concern, it's not vital, but I don't want to
> get sued for having my MP3 collection open to the world. =]
> Has anyone done something like this? Or does anyone know where I
> can find some info on setting this up?

I am not sure whether your gateways are connected to the public internet or
not, but you might want to take a look at Free/SWAN which enables you to
create a VPN across the internet between your two machines with encryption.

You can find out more details at: http://www.freeswan.org.

See ya

Dean Thompson

--
+____________________________+____________________________________________+

| Bach. Computing (Hons)     | ICQ     - 45191180                         |
| PhD Student                | Office  - <Off-Campus>                     |
| School Comp.Sci & Soft.Eng | Phone   - +61 3 9903 2787 (Gen. Office)    |
| MONASH (Caulfield Campus)  | Fax     - +61 3 9903 1077                  |
| Melbourne, Australia       |                                            |
+----------------------------+--------------------------------------------+

 
 
 

VPN solution

Post by James Knot » Thu, 28 Jun 2001 11:00:14


Look for VPN info at www.linuxdoc.org.


> Hi,
>         Me and my friend both have cable modems, home linux-based MASQ'd lans,
> and live across town. I looked but did not find any info on creating a
> VPN between our networks. Ideally, there would be a encrypted link between
> our two servers. We would like to be able to share NFS mounts, and Samba
> mounts. Security is of medium concern, it's not vital, but I don't want to
> get sued for having my MP3 collection open to the world. =]
>         Has anyone done something like this? Or does anyone know where I
> can find some info on setting this up?

> Thanx,
> Tim

--
Replies sent via e-mail to this address will be promptly ignored.

 
 
 

VPN solution

Post by dennis hemple » Fri, 29 Jun 2001 02:45:42



> Hi,
> Me and my friend both have cable modems, home linux-based MASQ'd lans,
> and live across town. I looked but did not find any info on creating a
> VPN between our networks. Ideally, there would be a encrypted link between
> our two servers. We would like to be able to share NFS mounts, and Samba
> mounts. Security is of medium concern, it's not vital, but I don't want to
> get sued for having my MP3 collection open to the world. =]
> Has anyone done something like this? Or does anyone know where I
> can find some info on setting this up?

> Thanx,
> Tim

i've been using vtun. it is VERY configurable.

http://vtun.sourceforge.net

very simple to use and scales very well.

dennis

 
 
 

VPN solution

Post by bentley42 » Mon, 23 Jul 2001 12:47:44


Dean,

I tried getting to this site, but it's saying I don't have proper
credentials.  Is there something I'm missing?

Thanks,
bentley423

On Wed, 27 Jun 2001 10:42:30 +1000, Dean Thompson


>Hi Tim,

>> Me and my friend both have cable modems, home linux-based MASQ'd lans,
>> and live across town. I looked but did not find any info on creating a
>> VPN between our networks. Ideally, there would be a encrypted link between
>> our two servers. We would like to be able to share NFS mounts, and Samba
>> mounts. Security is of medium concern, it's not vital, but I don't want to
>> get sued for having my MP3 collection open to the world. =]
>> Has anyone done something like this? Or does anyone know where I
>> can find some info on setting this up?

>I am not sure whether your gateways are connected to the public internet or
>not, but you might want to take a look at Free/SWAN which enables you to
>create a VPN across the internet between your two machines with encryption.

>You can find out more details at: http://www.freeswan.org.

>See ya

>Dean Thompson

 
 
 

VPN solution

Post by Dean Thompso » Tue, 24 Jul 2001 12:44:27


Hi!,

Quote:> I tried getting to this site, but it's saying I don't have proper
> credentials.  Is there something I'm missing?

Hmm, I can get into the site: http://www.freeswan.org without any problems
whatsoever.  There doesn't appear to be any credentials required to get to the
site.

See ya

Dean Thompson

--
+____________________________+____________________________________________+

| Bach. Computing (Hons)     | ICQ     - 45191180                         |
| PhD Student                | Office  - <Off-Campus>                     |
| School Comp.Sci & Soft.Eng | Phone   - +61 3 9903 2787 (Gen. Office)    |
| MONASH (Caulfield Campus)  | Fax     - +61 3 9903 1077                  |
| Melbourne, Australia       |                                            |
+----------------------------+--------------------------------------------+

 
 
 

VPN solution

Post by bentley42 » Thu, 26 Jul 2001 09:40:36


What I meant was when you go to download the file.  It goes to an ftp
site and I get an error opening, something about proper credentials.

Thanks,
Mike

On Mon, 23 Jul 2001 13:44:27 +1000, Dean Thompson


>Hi!,

>> I tried getting to this site, but it's saying I don't have proper
>> credentials.  Is there something I'm missing?

>Hmm, I can get into the site: http://www.freeswan.org without any problems
>whatsoever.  There doesn't appear to be any credentials required to get to the
>site.

>See ya

>Dean Thompson

 
 
 

VPN solution

Post by bentley42 » Thu, 26 Jul 2001 09:44:15


Is this really necessary to connect via VPN through any linux box?
There's no way to just configure something in iptables to open up a
certain port?

I've FTFM'd the manuals and not alot of it is in a language I
understand (someday), so that's why I'm posting here (Yes, I need a
dummies guide).  If not, what's the easiest one to use in your
opinion?

I'll get into the more advanced stuff later.  For now I'm just looking
for something simple. I'd tweak with the iptables, but it takes too
long to rebuild the box after I mess it up, and ghost 6.5 didn't work
for me like symantec said it should (maybe I'll try 7).

Thanks in advance for any opinions.  Meahwhile, if I find something
and know how to explain it I'll post it here for future newbies.

Thanks!

On Wed, 27 Jun 2001 10:45:42 -0700, dennis hempler



>> Hi,
>> Me and my friend both have cable modems, home linux-based MASQ'd lans,
>> and live across town. I looked but did not find any info on creating a
>> VPN between our networks. Ideally, there would be a encrypted link between
>> our two servers. We would like to be able to share NFS mounts, and Samba
>> mounts. Security is of medium concern, it's not vital, but I don't want to
>> get sued for having my MP3 collection open to the world. =]
>> Has anyone done something like this? Or does anyone know where I
>> can find some info on setting this up?

>> Thanx,
>> Tim

>i've been using vtun. it is VERY configurable.

>http://vtun.sourceforge.net

>very simple to use and scales very well.

>dennis

 
 
 

VPN solution

Post by Michael F » Thu, 26 Jul 2001 14:15:24


Any chance you could quote the exact error message, so that we could
confirm thats it not something to do with your isp not providing
reverse dns on your ip range or something silly like that.

-
Michael Fox



>What I meant was when you go to download the file.  It goes to an ftp
>site and I get an error opening, something about proper credentials.

>Thanks,
>Mike

>On Mon, 23 Jul 2001 13:44:27 +1000, Dean Thompson

>>Hi!,

>>> I tried getting to this site, but it's saying I don't have proper
>>> credentials.  Is there something I'm missing?

>>Hmm, I can get into the site: http://www.freeswan.org without any problems
>>whatsoever.  There doesn't appear to be any credentials required to get to the
>>site.

>>See ya

>>Dean Thompson

 
 
 

VPN solution

Post by David Pier » Thu, 26 Jul 2001 14:30:19


I run freeswan, which uses 3DES, for various reasons (netfilter-based
firewalls, non-default routes, etc.), but I'd suggest CIPE
(Cryptographic IP Encapsulasomething), because it uses Blowfish.  3DES
can and regularly is broken, so don't build a VPN that relies on
it...unless you have to (or don't care :P).

Smiley Dave

 
 
 

VPN solution

Post by bentley42 » Thu, 26 Jul 2001 14:48:23


"An error occurred opening that folder on the FTP server.  Make sure
you have permission to access the folder".  

Details:  Type set to A
500 illegal port command.

Looks like it may be something on my linux box?  I'm using iptables,
but do I need to change the configuraiton as a work around for this?

Mike

On Wed, 25 Jul 2001 15:15:24 +1000, Michael F.


>Any chance you could quote the exact error message, so that we could
>confirm thats it not something to do with your isp not providing
>reverse dns on your ip range or something silly like that.

>-
>Michael Fox



>>What I meant was when you go to download the file.  It goes to an ftp
>>site and I get an error opening, something about proper credentials.

>>Thanks,
>>Mike

>>On Mon, 23 Jul 2001 13:44:27 +1000, Dean Thompson

>>>Hi!,

>>>> I tried getting to this site, but it's saying I don't have proper
>>>> credentials.  Is there something I'm missing?

>>>Hmm, I can get into the site: http://www.freeswan.org without any problems
>>>whatsoever.  There doesn't appear to be any credentials required to get to the
>>>site.

>>>See ya

>>>Dean Thompson

 
 
 

VPN solution

Post by Dean Thompso » Thu, 26 Jul 2001 16:16:47


Hi!,

Quote:> "An error occurred opening that folder on the FTP server.  Make sure
> you have permission to access the folder".

> Details:  Type set to A
> 500 illegal port command.

> Looks like it may be something on my linux box?  I'm using iptables,
> but do I need to change the configuraiton as a work around for this?

Is it possible that a module like ipmasq_ftp or ip_conntrack_ftp needs to be
loaded to handle the IP Masquerading aspects of this FTP connection.  Once the
VPN connection is established, if it gets established, are you able to ping
hosts on the remote side of the network ?

See ya

Dean Thompson

--
+____________________________+____________________________________________+

| Bach. Computing (Hons)     | ICQ     - 45191180                         |
| PhD Student                | Office  - <Off-Campus>                     |
| School Comp.Sci & Soft.Eng | Phone   - +61 3 9903 2787 (Gen. Office)    |
| MONASH (Caulfield Campus)  | Fax     - +61 3 9903 1077                  |
| Melbourne, Australia       |                                            |
+----------------------------+--------------------------------------------+

 
 
 

VPN solution

Post by bentley42 » Fri, 27 Jul 2001 13:59:15


Actually this isn't through VPN.  I'm sorry if I mixed this thread up
with the thread that I posted for VPN.  The VPN is a separate issue
that I'm working on to connect to my office network.

The FTP issue is the software that I'm trying to get that I've read is
the solution.

I'll have to read up more on this, because I don't think I need this
software just to make a simple client vpn connection to the office.  I
think I need to add routes, but I'm not sure.

Mike

On Wed, 25 Jul 2001 17:16:47 +1000, Dean Thompson


>Hi!,

>> "An error occurred opening that folder on the FTP server.  Make sure
>> you have permission to access the folder".

>> Details:  Type set to A
>> 500 illegal port command.

>> Looks like it may be something on my linux box?  I'm using iptables,
>> but do I need to change the configuraiton as a work around for this?

>Is it possible that a module like ipmasq_ftp or ip_conntrack_ftp needs to be
>loaded to handle the IP Masquerading aspects of this FTP connection.  Once the
>VPN connection is established, if it gets established, are you able to ping
>hosts on the remote side of the network ?

>See ya

>Dean Thompson

 
 
 

VPN solution

Post by bentley42 » Fri, 27 Jul 2001 19:53:17


I'm not looking to build a VPN though.

I just want to connect to a VPN server at work via my linux box,
instead of going from my laptop, straight through my static IP to the
office via VPN.  It sounds like what everyone is referring to here in
this thread is a VPN server, which I may eventually look into, but for
now I just want to connect to a VPN server at work, via a Linux box on
my LAN.

Right now in order to do this, I have to disconnect my eth0 interface
from the cable modem and connect my other cable that's attached to the
hub and configure my laptop with the static IP I have to get in to the
office VPN.

I'm sorry if I mislead anyone in thinking I'm trying to build a VPN
server, which I'm not; only a VPN connection into work.

Thanks,
Mike



Quote:>I run freeswan, which uses 3DES, for various reasons (netfilter-based
>firewalls, non-default routes, etc.), but I'd suggest CIPE
>(Cryptographic IP Encapsulasomething), because it uses Blowfish.  3DES
>can and regularly is broken, so don't build a VPN that relies on
>it...unless you have to (or don't care :P).

>Smiley Dave

 
 
 

1. VPN solution? Need some info.

Hi,
        I have VPND set up between two linux boxen here and it all seems to
work quite well.  Now I am in need to add in a NT box into this
picture.  Has anyone had any expierence with this so far?  Does it work
well?  Any info on this would be greatly apriciated.
TIA

Sent via Deja.com http://www.deja.com/
Before you buy.

2. Cirrus Logic 5430, more than 256 colors?

3. VPN Solution (IPSec, SKIP, etc)???

4. RAM recommendations?

5. linux tunnelv VPN solution

6. HELP - need to install a DNS

7. linux VPN solution

8. problems with IDE

9. VPN Solution (IPSec, SKIP, etc)???

10. Please suggest a Hardware Firewall and VPN solutions below $500.00

11. VPN solutions for Linux?

12. V-One Firewall and VPN solutions

13. VPN solution (skip, ipsec, ???)