On 26 Mar 2004 11:06:25 -0800, Florin Andrei <florin@xxxxxxxxxxxxxxx> wrote:
On Sun, 2004-03-21 at 12:07, Mark Haney wrote:I'm trying to get a VPN setup between my FC1 box at home and a DLink
DFL300 at my office so I can do some things securely without having to
make the 30 minute drive in to work to fix stuff. I've googled the
subject and the amount of documentation is pretty immense. Can someone
give me a shortened version what I need to configure or point me to a good
step by step doc on how to do it?
Well, if IPSec is not a specific requirement, and if you actually could use any VPN solution that's simple to install, secure and feature-rich, have a look at OpenVPN:
http://openvpn.sourceforge.net/
A brief "cookbook recipe" HOWTO:
http://fedoranews.org/contributors/florin_andrei/openvpn/
IPSec VPN (like FreeS/WAN) is nice because it's compatible with all kinds of VPN devices and software. However, it can be a pain to install, even more so if you're using Windows clients (but Linux is not a lot simpler, especially if you have non-geek users). Also, it is very, very picky if there are firewalls in between, especially if you go through NAT.
OpenVPN is very simple to install, it does not require weird kernel patches, it is firewall-friendly, works just fine with Windows (and Solaris, and BSD), can tunnel through proxies, etc.
It is not a typical "SSL VPN" - i mean, it is not a browser-based VPN, even though it's using SSL to encrypt the tunnel. Think of it as exactly the same thing as FreeS/WAN except it's using SSL instead of IPSec; otherwise, it can route arbitrary IP protocols, it does not require a browser, etc. Just like FreeS/WAN, but without the pain.
-- Estne volumen in toga, an solum tibi libet me videre?
Mark Haney Development, Systems and Network Administration DoctorDirectory.com http://www.doctordirectory.com