[TriLUG] Linux VPNs

Jon Carnes jonc at nc.rr.com
Tue Jan 14 09:49:17 EST 2003 

I've done this many times.

You'll find that OpenBSD is setup for exactly what you want to do. It
even comes with default scripts for setting up VPN connections (router
to router).

If you're going to use Linux, then *do not use* Red Hat.  Red Hat does
not include any of the FreeSwan mods in its kernel or distribution.  My
choice is Mandrake.  It should take a novice about 4 hours to setup a
Mandrake to Mandrake VPN using IpSec via FreeSwan.  It took me 12 to 16
hours using Red Hat, and I'm not a novice.

Of course using OpenBSD, I can build a Firewall/VPN pair in less than 2
hours.

Now for the twist.  I've stopped recommending folks build their own
these days (unless they move a lot of bandwidth around).  Linksys has a
VPN enabled router/firewall that costs about $100 each.  Buy a pair of
these and you are up and running in just a few minutes.  The VPN's are
as easy to install on these little buggers as they are in OpenBSD (they
probably use the same scripting).

HtH - Jon Carnes

On Mon, 2003-01-13 at 23:06, gregbrown at mindspring.com wrote:
> Has anyone experimented with Linux VPNs?  I have two scenarios I'd like to
> investigate:
> 
> 1. point-to-point VPN.  Simply put, two linux routers, one on each end of a
> connection.  Both routers support VPNs between them sporting triple-DES
> encryption.  Can this be done?  Has anyone done this?
> 
> (and less importantly)
> 
> 2. A VPN firewall much like the LU Brick, Cisco PIX, blah, whatever.  Clients
> (sporting a variety of operating systems) connecting to the Firewall and
> authenticate via some kind of VPN client then the firewall sets up a nice
> triple-DES fully encrypted tunnel over protocols 50 and 51 between the FW and
> the client.  
> 
> Has anyone done this with an Open Souce solution?  I've set this up a number
> of times with various firewalls but I'd like to have an Open Source set-up for
> a few clients I have in mind.
> 
> muchas gracias,
> 
> Greg
> _______________________________________________
> TriLUG mailing list
>     http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ:
>     http://www.trilug.org/~lovelace/faq/TriLUG-faq.html

More information about the TriLUG mailing list