Re: Speaking of VPNs..

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 04 Feb 2004 00:50:10 -0600 Mark <admin@xxxxxxxxxxx> wrote:

> I have a small business client that is still running on Windows NT
> 3.5.1.  I'm thinking about putting Fedora on their main server and
> making it a firewall, internet gateway, etc on their DSL line. 

from a security point of view, i personally don't like to see firewalls
doing anything other than being firewalls. the ideal architecture would
be a 3 legged firewall with a web/email server on a separate machine
in a DMZ.

if you have a web server running on a firewall, one apache remote
root exploit can ruin your whole day.

> I
> brought it up the other day, and they will not mind the change as long
> as their employees can still VPN into the server, and PCAnywhere into
> their PC or a server.  

> Can someone recommend a good one that will allow this?

with FreeSWAN running on Linux firewall, you should be able to have
them use the W2K/WinXP IPSec client to connect to the firewall and
reach anything behind it. that particular client can be a bit of a pain
to work with, but it's been done, and the procedures are well
documented.

there are other options, as have been brought out by others on the list.

richard
-- 
Richard Welty                                         rwelty@xxxxxxxxxxxxxxx
Averill Park Networking                                         518-573-7592
    Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security




[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux