Topic: Need VPN masq clarification

[ryan]

Hello,

With Charlie Brady's 5.6 PPTP rpms, will I be able to use PPTP outbound and inbound successfully?  

I also currently masq IPSEC 50 & 500 (10 Extranet clients) outbound on SME 5.1.2.  Will the rpms allow 5.6 to handle this as well?  

Any input regarding these issues is appreciated.  I want to upgrade my 5.1.2 servers.   Should I wait until the next final release or is 5.6 fixed?

Or is there an alternative to SME 5.6?  If you have found a good replacement please post your opinions.

Thanks,

Ryan

[Bill Talcott]

I upgraded from 5.0 to 5.5 not too long ago. Personally I've seen too many weird little things here about 5.6, and the change to the 2.4 kernel requires a lot of stuff to be rebuilt. Many of the popular contribs have been converted now, but I don't think PPTP is quite working yet.

You could upgrade to 5.5. This would switch to mailfront also. If you have any email issues, you could work those out without having to worry about kernel and other issues.

[ryan]

Hi Bill,

I agree, 5.6 seems too unstable to be a final release.  As far as 5.5, I have 5 SME 5.1.2 servers using IPSEC which have worked without problems for a long time.  I choose not to update to 5.5 because it has the same kernel as 5.1.2.  I also have approx. 10 Extranet IPSEC clients using 5.1.2 as a gateway, not to mention about 6 PPTP users.  For now, I think I will wait until Mitel releases a 5.6b or wait until they use the 2.5 kernel.  I wonder how 5.6 with service link is able to overcome these difficulties?  

Anyway, I an going to attempt to build a Debian/Libranet server hoping to duplicate my 5.1.2 services...I might try the same with the next final 8.x from Redhat.  Again if anyone can recommend an up to date (and functional) replacement for SME 5.1.2 or 5.5, please post!!

ryan

[Jim Huneycutt]

I agree with Ryan that 5.6 is unstable based on the forum reports and my own experience with it - primarily with the PPTP function on which I rely heavily. I look forward to the first official update so I can test it and get it in production. In the meantime, I would also welcome suggestions for alternatives to 5.6 - I want to keep my options open.

On a related topic, does anyone have a feel for the likelihood of future e-Smith open source development going beyond the 5.6 release? My concern is that I am continuing to push this platform with no indication that there will be a 6.0, etc. down the road. I know this is a hazard of choosing open source software, but with some of the other platforms there seems to be a clearer intent towards future development.

Not trying to open up a can of worms because I like this product very much and appreciate the folks working on current development. I'm just looking for general opinions from the experts here about its future.
Thanks,
jim

[Kelvin]

Hi Ryan,

I actually took the plunge and upgraded my production server to 5.6 not too long after it was released and after the main packages I intended to run have been updated to support 5.6.

As far as stability goes, I have no complains as yet (touching the biggest block of wood I can lay my hands on !!!), by that I mean it has not crashed on me, it has not mangled any of my files and I have not lost root or user access to it as others have.

I am, however, being plagued by the ongoing problems with PPTP. I too rely heavily on PPTP to support various clients and have found (even after applying Charlie's updated packages) that out going PPTP connections are still problematic, though better than plain vanilla 5.6. Without the updated packages, I was having lots of problems connecting to 90+% of my clients. With the updated packages, I can connect but traffic stops after a short while although still connected. I have to disconnect and then reconnect before I can continue working. Sometimes it lasts for a few minutes, sometimes less than 1.

I've been quite lucky in that things have been fairly quite with clients and I have not had to do any major remote support since I upgraded to 5.6. I keep hoping that a final fix will be made soon. If not, I will probably have to move back to 5.1.2 as well.

Kelvin

[ryan]

It is apparent that 5.6 is broken in regards to PPTP / IPSEC in and out traffic.  This web site says Mitel recommends all users upgrade to 5.6.  I would love to do just that, but not without the full functionality of 5.1.2.

I am hopeful someone in Mitel or close to Mitel could provide input and possibly a suggested course of action.  Are you still suggesting users upgrade to 5.6?  Am I missing something?

The commerical product is now 'different/seperate' (at least by name) from GPL.  Is Mitel loosing interest in GPL e-smith?  If so, can others carry on e-smith the project?  I have been using e-smith for approx. 2 years.  This is an excellent product, but the company and community support appears to be less for each new release.  To be honest, I noticed this change beginning with version 5.0, after Mitel acquired e-smith.  Its too bad a non profit org can't manage the e-smith project.  This would allow pay pal donations to be collected.  I have personally and professinoal benefitted from e-smith and would be happy to donate to a non profit org.  

ryan