[TriLUG] VPN suggestions

Mark Fowle mark at thefowles.com
Tue Oct 28 14:10:12 EST 2003


Does it need an external IP address - or can you open and forward a port
from the firewall to the VPN ?


On Tue, 2003-10-28 at 12:21, Jon Carnes wrote:
> On Tue, 2003-10-28 at 11:03, Joseph Tate wrote:
> > I've been asked several times by our VP of sales about setting up a VPN 
> > so that he can access files on our winders fileserver behind our 
> > firewall.  Short of opening up ports 137-139, or using the Windows VPN 
> > (Which may or may not be feasible since I don't control the subnet), are 
> > there simple ways to accomplish this?  I have a RH 7.3 system nearby, 
> > and we could probably purchase a VPN appliance.  Does this sound like a 
> > job for WebDAV?  Should I just setup ssh tunnelling for him?
> > 
> > I'm attracted to the Linksys VPN devices because of their advertised no 
> > client software and no client fees, but wonder if they work when already 
> > behind a firewall.  I can have ports opened for the device (if it has 
> > its own IP) if necessary, but I'm not sure if I can open the entire port 
> > range for the device.  Ideas?  Suggestions?
> > 
> > Joseph
> 
> An appliance is the way to go these days.  They are cheap and very
> reliable. For the appliance to work properly you will have to install it
> in parallel to your existing firewall.  The appliance also acts as a
> firewall so there is no security problems in doing so - however you do
> need an external IP address.
> 
> My favorite solution for limited use - as you describe above - is to
> purchase two Linksys VPN routers (Linksys #BEFVP41) and set one up on
> your network and give the other one to your VP of Sales.
> 
> The setup works great and you know that your VP is now running behind a
> firewall at home (while vpn-ed into your secure internal network).  The
> cost would also be under $200. The BEFVP41 can handle up to 10 remote
> connections (under normal use), so you can setup 9 other folks with
> home/travel Linksys routers as well and have them all use the one
> BEFVP41 that you put up on your network.
> 
> Linksys also has a new VPN wireless router (just what you asked for
> Michael!), so if your VP is used to going wireless you can still
> accommodate him.
> 
> There are a *lot* of other alternatives, but none that work as well or
> as cheaply (unless you've got time to burn and a few spare PC's).
> 
> Take care - Jon Carnes
-- 
Mark Fowle
mark at thefowles.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://www.trilug.org/pipermail/trilug/attachments/20031028/796f45a7/attachment.pgp>


More information about the TriLUG mailing list