On Sat, 2004-02-21 at 23:25, Nathan Ollerenshaw wrote: > Keith, > > I looked at freeswan and IPsec as well as doing SSH tunnels, and the > best software I found for a quick and simple yet secure VPN is OpenVPN. > > Its easy to set up, they have RPMs for everything you need (except for > one thing which you can get off freshrpms) and it works REALLY well. > > I run a VPN between here and an office in Moscow and it was fairly > trivial to get working. Just follow the documentation closely. > > The thing with FreeSwan and others is that they are very complicated > and/or use bizzare protocols such as GRE which sometimes get filtered. > > OpenVPN just uses UDP for encapsulation, and TLS for the session > negotiation and OpenSSL for the encryption, so its very > straightforward. You can also set up a floating endpoint with no > problems. > > Hope this helps, > Do you know if this will work with a standard corporate firewall? The MS Admins where I work block SSH but let Telnet! Looking at the OpenVPN expample they have this simple setup: On may: openvpn --remote june.kg --dev tun1 --ifconfig \ 10.4.0.1 10.4.0.2 --verb 9 On june: openvpn --remote may.kg --dev tun1 --ifconfig \ 10.4.0.2 10.4.0.1 --verb 9 The problem with this is that I want to have a VPN from my home network to my corporate desktop. The work desktop does not have an Internet addressable IP/name. My home PC has a dynamic IP although I use dydns.org so I can always get to it. So how would I enter the --remote name/IP for my corporate desktop from home? I guess I could use SSH on another port, though a VPN would have more utility and let me mount samba shares from my home FC1 desktop to my work FC1 desktop. Jim Drabb -- --------------------------------------------------------- The box said: "Requires Windows 98/2000/NT/XP or better." So, I installed LINUX! --------------------------------------------------------- James Drabb JR Senior Programmer Analyst Davenport, FL USA
