Topic: Site to site VPN

[BK]

Halo eveybody....

Does anyone know if there is any Site to Site VPN howto or rpms for SME V5 e-smith...

thanks

[Lee Irving]

I believe this is one of the major features of the servicelink service. I believe there is something in development which will be an OpenSource solution.

[sage]

I remember reading somthing about is somewhere.  It had photos and info on how to set up 2 e-smith servers so that on one side you had 192.168.1.x and the other was 192.168.2.x and you could see computers on either side using the 192 ipaddress.  Look around, its here, maby the user guide or one of the howtos on VPN's

Sage

[Les Mikesell]

There is a contributed ipsec add-on for 4.x - I'm not sure if it will still work in 5.x.  It is not too difficult to roll your own with CIPE (http://sites.inka.de/~W1011/devel/cipe.html) which has the advantages of the less CPU-intensive blowfish encryption and the ability to work behind someone else's NAT.   You do have to tweak the e-smith templates controlling ipmasq a bit if you don't want to masq the LAN behind the VPN interface.

[BK]

thanks pal...

sage, it will be great if you can remember where you read it.... thanks

[trevorb]

BK wrote:
>
> thanks pal...
>
> sage, it will be great if you can remember where you read
> it.... thanks

There is a contributed HowTo at http://students.ou.edu/W/Christopher.A.Worthington-1/e-smith/ipsec/

[Kelvin]

Trevor,

I could not get to the address you supplied, is it still valid (perhaps mispelled ?)

Cheers,

Kelvin

[michael]

Has anyone gotten the Worthington HowTo for FreeSwan to work on 4.1.2? I have not had any success with it "out of the box" and expect that there is a problem in the modules/config. Maybe some extra configuration that is needed (ipchains)? I have seen similiar posts that indicate low success rate with this HowTo. If anyone has had success, I'd love to discuss how you accomplished it.

Thanks
Michael

[trevorb]

Hi Kelvin,

the url works for me. I just followed the links from the Contributed HowTo page (http://www.e-smith.org/cgi-bin/contrib.cgi). The name of the HowTo is How to add IPSEC to an e-smith server under the Virtual Private Networks category.

I don't have experience of how well it works (I don't need to use it). Also have some vague memory of spotting an RPM by someone else to do the same thing (but haven't managed to remember where yet - I'm away from home and all of my browsing history / jottings etc.).

Good Luck
Trevor BKelvin wrote:

[Kelvin]

Thanks Trevor.

I just tried it again and it works now. Must be a temporary failure somewhere out there in the wierd wired web.

Cheers !

Kelvin