OpenSwan vs. OpenVPN ...


Arthur Pemberton
2006-05-11, 03:19 AM CDT
Which is better for the following.

- FC5 server with ssh/sftp and smb to be connected to via VPN from a
known WinXP machine
- FC5 server with ssh/sftp and smb to be connected to via VPN from a
WinXP laptop from unpredictable locations, etc.

Which requires the least work Windows client side, and which is better
overall? OpenSwan or OpenVPN?

I have never set up a VPN myself. So it is part need, part curiosity.

Please advise.

Arthur Pemberton.

--
To be updated...

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

Paul Howarth
2006-05-11, 04:00 AM CDT
Arthur Pemberton wrote:
> Which is better for the following.
>
> - FC5 server with ssh/sftp and smb to be connected to via VPN from a
> known WinXP machine
> - FC5 server with ssh/sftp and smb to be connected to via VPN from a
> WinXP laptop from unpredictable locations, etc.
>
> Which requires the least work Windows client side, and which is better
> overall? OpenSwan or OpenVPN?
>
> I have never set up a VPN myself. So it is part need, part curiosity.

I can't answer about OpenSwan but I've just set up an OpenVPN server
myself for the first time, which turned out to be very easy, and the
client setup for both Windows and Linux clients is easy too.

Paul.


Leonard Isham
2006-05-11, 06:00 AM CDT
On 5/11/06, Arthur Pemberton <pemboa@gmail.com> wrote:
> Which is better for the following.
>
> - FC5 server with ssh/sftp and smb to be connected to via VPN from a
> known WinXP machine
> - FC5 server with ssh/sftp and smb to be connected to via VPN from a
> WinXP laptop from unpredictable locations, etc.
>
> Which requires the least work Windows client side, and which is better
> overall? OpenSwan or OpenVPN?
>
> I have never set up a VPN myself. So it is part need, part curiosity.
>
> Please advise.
>

I have done IPSec VPNs (but not OpenSWAN) and OpenVPN. My vote is with OpenVPN.

IIUC IPSec is now part of Fedora so OpenSwan would not be needed.

--
Leonard Isham, CISSP
Ostendo non ostento.


Florin Andrei
2006-05-11, 10:40 AM CDT
On Thu, 2006-05-11 at 04:18 -0500, Arthur Pemberton wrote:

> Which requires the least work Windows client side, and which is better
> overall? OpenSwan or OpenVPN?

OpenVPN, hands down.

There's an RPM package for Fedora, so it's trivial to install. Then they
give you a set of scripts that you can use to generate the certificates;
the documentation is very clear.

For Windows there's an .exe that you can install. Just generate
certificates on the server for each client.
Then install the GUI from http://openvpn.se/
That's it.

--
Florin Andrei

http://florin.myip.org/



Arthur Pemberton
2006-05-11, 10:50 AM CDT
Thanks for all the replies guys. OpenVPN it is.


Paul Howarth
2006-05-11, 11:00 AM CDT
Florin Andrei wrote:
> On Thu, 2006-05-11 at 04:18 -0500, Arthur Pemberton wrote:
>
>> Which requires the least work Windows client side, and which is better
>> overall? OpenSwan or OpenVPN?
>
> OpenVPN, hands down.
>
> There's an RPM package for Fedora, so it's trivial to install. Then they
> give you a set of scripts that you can use to generate the certificates;
> the documentation is very clear.
>
> For Windows there's an .exe that you can install. Just generate
> certificates on the server for each client.
> Then install the GUI from http://openvpn.se/
> That's it.

See also: http://fedoraproject.org/wiki/openvpn

Paul.


Kayvan A. Sylvan
2006-05-11, 01:50 PM CDT
On Thu, May 11, 2006 at 05:54:16PM +0100, Paul Howarth wrote:
>
> See also: http://fedoraproject.org/wiki/openvpn
>
> Paul.

Does anyone know what I need to do to have my Linux server as a client of
a SonicWall Firewall VPN?

It looks like OpenSwan/Ipsec is installed on my machine and I have
been reading the documentation.

Has anyone done this before? I'd love to be able to use my home Linux
server to connect into my office VPN, freeing myself from having to
use my WinXP laptop and the SonicWall Windows client.

---Kayvan
--
Kayvan A. Sylvan | Proud husband of | Father to my kids:
Sylvan Associates, Inc. | Laura Isabella Sylvan, | Katherine Yelena (8/8/89)
http://sylvan.com/~kayvan | my beautiful Queen. | Robin Gregory (2/28/92)


Arthur Pemberton
2006-05-11, 03:00 PM CDT
On 5/11/06, Kayvan A. Sylvan <kayvan@sylvan.com> wrote:
> On Thu, May 11, 2006 at 05:54:16PM +0100, Paul Howarth wrote:
> >
> > See also: http://fedoraproject.org/wiki/openvpn
> >
> > Paul.
>
> Does anyone know what I need to do to have my Linux server as a client of
> a SonicWall Firewall VPN?
>
> It looks like OpenSwan/Ipsec is installed on my machine and I have
> been reading the documentation.
>
> Has anyone done this before? I'd love to be able to use my home Linux
> server to connect into my office VPN, freeing myself from having to
> use my WinXP laptop and the SonicWall Windows client.
>

The first thing to do would be to find out how your work VPN works,
i.e. find out what protocols etc. that it uses.

--
To be updated...


Florin Andrei
2006-05-11, 05:30 PM CDT
On Thu, 2006-05-11 at 12:49 -0700, Kayvan A. Sylvan wrote:

> Does anyone know what I need to do to have my Linux server as a client of
> a SonicWall Firewall VPN?

You can start tinkering with the IPSec VPN stuff that comes with Fedora.
Most of the big-name VPN things use IPSec, so there's a chance that you
may be able to connect.

Use Google wisely, you may find out that someone already did this
(interconnect Linux and SonicWall).

--
Florin Andrei

http://florin.myip.org/



Chris Hills
2006-05-12, 04:30 AM CDT
Arthur Pemberton wrote:
> Which is better for the following.
>
> - FC5 server with ssh/sftp and smb to be connected to via VPN from a
> known WinXP machine
> - FC5 server with ssh/sftp and smb to be connected to via VPN from a
> WinXP laptop from unpredictable locations, etc.
>
> Which requires the least work Windows client side, and which is better
> overall? OpenSwan or OpenVPN?
>
> I have never set up a VPN myself. So it is part need, part curiosity.
>
> Please advise.
>
> Arthur Pemberton.
>

Arthur

I'm using OpenVPN for a mesh vpn and Poptop for client/server. Poptop
requires absolutely no configuration on the client side other than
filling what's required in the "New connection" wizard. However, pptp
may not be as secure as l2tp or ipsec.

Regards

Chris Hills


Paul Howarth
2006-05-12, 04:40 AM CDT
Chris Hills wrote:
> Arthur Pemberton wrote:
>> Which is better for the following.
>>
>> - FC5 server with ssh/sftp and smb to be connected to via VPN from a
>> known WinXP machine
>> - FC5 server with ssh/sftp and smb to be connected to via VPN from a
>> WinXP laptop from unpredictable locations, etc.
>>
>> Which requires the least work Windows client side, and which is better
>> overall? OpenSwan or OpenVPN?
>>
>> I have never set up a VPN myself. So it is part need, part curiosity.
>>
>> Please advise.
>>
>> Arthur Pemberton.
>>
>
> Arthur
>
> I'm using OpenVPN for a mesh vpn and Poptop for client/server. Poptop
> requires absolutely no configuration on the client side other than
> filling what's required in the "New connection" wizard. However, pptp
> may not be as secure as l2tp or ipsec.

There's no "may" about it; pptp is definitely less secure.

http://poptop.sourceforge.net/dox/protocol-security.phtml

Paul.
