[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: VPN question



On Thu, Nov 14, 2002 at 12:43:48PM +0100, Iñaki Martínez wrote:

>  I must create a VPN between an external company and a server behind my
> firewall.

>  Company--->its_router<----Internet--->my_firewall<-----server

>  * How to implement this VPN???

I would use IPSEC, but there are other solutions: "apt-cache search
vpn" will give you some.

>  * Software to use (free and/or Open source)

Freeswan (I use the sid version).

>  * is it better to install a Debian Server/Firewall in this company to make
>    things easy????

While using a free OS is always better, you can use any other IPSEC
implementation, they should interoperate. This being said, some / many
IPSEC implementations support only the slow 3DES (and the insecure
DES), so using freeswan (with modular extension patches, package
kernel-patch-freeswan-ext) at both sides can give you a significant
CPU power usage gain, by using Rijndael (the AES), Blowfish or such.

-- 
Lionel

Attachment: pgpEbAaA3hcNa.pgp
Description: PGP signature


Reply to: