I am planning on running a Virtual Private Network from my Fedora firewall out to a UML virtual colo (running RH9) at another site. That site will be the place I present services to the world; httpd, ssh, sftp, smtp. This is to comply with the "no servers" and dynamic ip restrictions on my Comcast connection to the net; if my firewall always drives an outbound connection to the colocation site, I am not worried about changes of ip address, and I am not opening any inbound ports. There are a number of options for the VPN - the most attractive are cipe ( http://sites.inka.de/sites/bigred/devel/cipe.html ) and FreeSwan ( http://www.freeswan.org/ ), though I am told that one can do all this through an ssh tunnel. I would rather have simple and secure than super-duper; I have plenty of bandwidth, and will send outbound http and smtp from the firewall, so the main bandwidth user will be incoming spam/b/b/b/b mail. Anyone have some experiences to share about setting up VPN? Is there anything about either cipe or FreeSwan that is likely to break with FC1 or FC2? Keith -- Keith Lofstrom keithl@xxxxxxxx Voice (503)-520-1993 KLIC --- Keith Lofstrom Integrated Circuits --- "Your Ideas in Silicon" Design Contracting in Bipolar and CMOS - Analog, Digital, and Scan ICs
