Koozali.org: home of the SME Server

Legacy Forums => General Discussion (Legacy) => Topic started by: arno on July 29, 2004, 08:42:05 AM

Title: Constant VPN
Post by: arno on July 29, 2004, 08:42:05 AM

Lo,

I have a nice network at home.
my gf has a nice network at home.
Now we wanna make a 24/7 vpn connection to eachother via linux sme server.

I have a good vpn server running, how does she need to configure her SME server?

Greetz Arno

Title: Constant VPN
Post by: meanlocha on July 29, 2004, 04:49:58 PM

She does not have to do anything on SME.

You should open a PPTP port in the remote access
panel, give her a user names and allow
VPN access mode for her user name.

Then she makes a VPN connection to your SME
from her PC.

Then you may need to configure networks etc
if you want her to share files etc.  thats another story.

Anthony

Title: Constant VPN
Post by: arno on July 29, 2004, 05:21:05 PM

meanlocha,

thnx for ur reply, only this is not what i mean.
i wanna have a 24/7 vpn connection on her network, with a sme server on her site.

so her vpn box connects with mine, the whole day week and month

is that possible?

Arno

Title: Constant VPN
Post by: meanlocha on July 29, 2004, 10:36:27 PM

Sorry I read your email too quickly.

I dont know any simple answer.

The only thing I can suggest is:
http://www.stunnel.org/examples

it will obviously take a little work, and depends
on how many services you want to share.

Anthony

Title: Constant VPN
Post by: del on July 30, 2004, 04:01:01 AM

Hi Arno,
I think this may help: http://no.longer.valid/phpwiki/index.php/IPSEC%20VPN
Hope it does.
Regards,
Del

Title: Constant VPN
Post by: pcworkswv on July 30, 2004, 09:25:20 PM

The easiest solution might be to setup a new VPN/Firewall server using IPCop (also uses FreeSWAN) at both location. Your SME server would then have to be setup behind a firewall but the VPN setup of IPCop is extremely easy.
I know this means utilizing more hardware but even a 486 would do the job just fine. I run IPCop on a Pentium 200 and it does great.
Actually, you could setup IPCop behind your SME Server and use NAT Traversal for setting up your VPN connection but I've personally never setup that configuration before. I've always had the VPN server on the firewall.

Anyways, just thought I'd pass along the info.


Here are their sites:

www.ipcop.org
www.ipcops.net

Nathan

Title: Constant VPN
Post by: briank on July 31, 2004, 12:52:33 PM

Quote

The easiest solution might be to setup a new VPN/Firewall server using IPCop

or set up an sme to sme pptp tunnel using pptp-client
(untested on V6 - please feel free :)

http://forums.contribs.org/index.php?topic=22353.0
Regards
Brian

Title: PPTP vs. IPSec
Post by: pcworkswv on July 31, 2004, 04:14:25 PM

briank is right though. Just keep in mind that the following when making your decision:

PPTP - Provides data confidentiality. (Captured packets cannot be interpreted without the encryption key.)
Does not provide data integrity (proof that the data was not modified in transit) or data origin authentication (proof that the data was sent by the authorized user).

IPSec - Offers the highest level of security, providing data confidentiality, data integrity, data origin authentication, and replay protection.

Nathan

Title: Constant VPN
Post by: arno on August 01, 2004, 01:12:20 AM

Thanx guys,

ill give it a try this week.
Thanx for all the info, ill post the results when i am done