Re: VPN question
Alle 13:02, giovedì 14 novembre 2002, Lionel Elie Mamane ha scritto:
> On Thu, Nov 14, 2002 at 12:43:48PM +0100, Iñaki Martínez wrote:
> > I must create a VPN between an external company and a server behind my
> > firewall.
> > Company--->its_router<----Internet--->my_firewall<-----server
> > * How to implement this VPN???
> I would use IPSEC, but there are other solutions: "apt-cache search
> vpn" will give you some.
> > * Software to use (free and/or Open source)
> Freeswan (I use the sid version).
> > * is it better to install a Debian Server/Firewall in this company to
> > make things easy????
> While using a free OS is always better, you can use any other IPSEC
> implementation, they should interoperate. This being said, some / many
> IPSEC implementations support only the slow 3DES (and the insecure
> DES), so using freeswan (with modular extension patches, package
> kernel-patch-freeswan-ext) at both sides can give you a significant
> CPU power usage gain, by using Rijndael (the AES), Blowfish or such.
kernel-patch-freeswan-ext UNSTABLE package or kernel-patch-freeswan STABLE