Re: IPSec VPN

To: Jens Hafner <jens.h@fner.org>
Cc: debian-security@lists.debian.org
Subject: Re: IPSec VPN
From: Dale Amon <amon@vnl.com>
Date: Tue, 13 Aug 2002 11:42:51 +0100
Message-id: <[🔎] 20020813104251.GM2667@vnl.com>
In-reply-to: <[🔎] 000101c2429b$09fe9ac0$6400a8c0@MELLY>
References: <[🔎] 000801c2414d$63dcd7e0$6400a8c0@MELLY> <[🔎] 000101c2429b$09fe9ac0$6400a8c0@MELLY>

On Tue, Aug 13, 2002 at 09:28:37AM +0200, Jens Hafner wrote:
> 
> Thanks to all who took time to reply to my questions about the VPN
> network.
> After reading the articles you directed me at (including the "Freeswan
> page" and the "VPN Masquerade HOWTO", I find that it might be a better
> idea to not masquerade the VPN client on the WIN2K machine but to
> install an VPN client right on the Linux box, that connects my network
> to my companies network.

This is what I do. Beware that you have to disable anti-spoofing on
eth1 and ipsec0 (assuming eth1 is your external). I've talked about
this for months with one of the (now former) FreeSWAN team. 

> Here are my questions:
> - Will any VPN client do? Or do I need to find one that is compatible
> with my Extranet Access Client?
> - If so which is compatible? Is FreeSWan compatible?
> - Which client can you recommend?

I would try FreeSWAN first. It's not a client program if it's on
a linux box. You just set up /etc/ipsec.conf to make it so. You can
run as many tunnels as you like. I tie into 3 or 4 other networks plus
my road warrior connection.

FreeSWAN is standards compliant ipsec, so if it doesn't work it means
the other end isn't.

Reply to:

References:
- IPSec VPN
  - From: "Jens Hafner" <jens.h@fner.org>
- RE: IPSec VPN
  - From: "Jens Hafner" <jens.h@fner.org>

Prev by Date: Re: Tiger complaints on /home group
Next by Date: Re: Email Virus Scanner
Previous by thread: RE: IPSec VPN
Next by thread: Re: IPSec VPN
Index(es):
- Date
- Thread