Re: [SLUG] Need Help with VPN on Linux

From: Patrick Grantham (pwgrant@yahoo.com)
Date: Tue Oct 16 2001 - 09:04:06 EDT

Next message: Patrick Grantham: "Re: [SLUG] What SCSI Card to buy?"
Previous message: Andrew Wyatt: "RE: [SLUG] What SCSI Card to buy?"
In reply to: Bryan-TheBS-Smith: "Re: [SLUG] Need Help with VPN on Linux"
Next in thread: Russ Wright: "Re: [SLUG] Need Help with VPN on Linux"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

What ports need to be opened and forwarded to a linux vpn server on an
external firewall/router (i.e. linksys, netetgeat, etc.)?

----- Original Message -----
From: "Bryan-TheBS-Smith" <b.j.smith@ieee.org>
To: <slug@nks.net>
Sent: Tuesday, October 16, 2001 4:18 AM
Subject: Re: [SLUG] Need Help with VPN on Linux

> Russ Wright wrote:
> > Thanks for your reply. I looked through the links. Most of them are
for
> > setting up a linux VPN server and attaching with Windows. I am looking
to do
> > the opposite. Go from my Linux box, into an NT network through VPN.
> > Perhaps this topic does not exist?
>
> No, it does. But it depends on your NT VPN.
>
> If you are using ultra-crappy/cracker-friendly (especially in
> version 1.x) Microsoft PPTP (point-to-point tunneling protocol),
> Linux supports that. If you run RedHat, there is a "pptpd" (PPTP
> daemon) RPM on the Powertools CD (at least in 7.0/7.1) that you want
> to install. It installs a service in the /etc/inittab
> (initialization/boot-time config file) that is used to connect to
> the remote system on startup.
>
> After installing, look or the docs in /usr/share/pptp-* to help you
> get started.
>
> If you are using a 3rd party VPN, it will depend on the
> implementation. For IPSEC, FreeS/WAN (http://www.freeswan.org) is a
> kernel module and associated user utility that will add a "tripple
> DES"-only (they refused to support normal DES because they feel it
> isn't strong enough) IPSEC support that is fairly interoperable with
> various products like McAfee PGPnet, various Checkpoint products,
> etc...
>
> Personally, I don't like to use anything that doesn't support the
> Blowfish (or Twofish) cipher (which is fast and more secure IMHO).
> I also don't like "all access" VPNs like most VPNs are because they
> open your corporate network to all exploits your home/remote users
> have. But I'll leave that debate for another time.
>
> -- TheBS
>
> --
> Bryan "TheBS" Smith mailto:b.j.smith@ieee.org chat:thebs413
> Engineer AbsoluteValue Systems, Inc. http://www.linux-wlan.org
> President SmithConcepts, Inc. http://www.SmithConcepts.com
> ------------------------------------------------------------------
> Those living in the US who consider the American flag to be a sym-
> bol of oppression obviously fail to understand what the word means

_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

Next message: Patrick Grantham: "Re: [SLUG] What SCSI Card to buy?"
Previous message: Andrew Wyatt: "RE: [SLUG] What SCSI Card to buy?"
In reply to: Bryan-TheBS-Smith: "Re: [SLUG] Need Help with VPN on Linux"
Next in thread: Russ Wright: "Re: [SLUG] Need Help with VPN on Linux"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 15:22:20 EDT