>I'm not certain but I think that freeS/WAN will talk to MS IPSec. I have
>not tried though. I saw somewhere that there is a (commercial?) PGP
>package that supports this under Windows too.
The software is NAIs PGPnet and the noncommercial version (free) supports
connections only to the gateway. If one requires tunneling to internal
nodes, you need the commercial version (not free). IPSec is implemented in
w2000 and not in w9x and I hear that there are problems trying to connect
natively in w2000? None of this is from experience, just reading.
I would like to browse the MS network from the internet as a roadwarrior.
The gateway is Linux 7.2 w/ Samba acting as PDC and WINS server (ipmasq
too). I already use putty on win machines to ssh into it.
I guess that brings me to kernel source - never had a reason to patch a
kernel - I guess I do now. Where can I get a mandrake specific kernel
source in tar format or can I use the source RPM off the CD and mv the Linux
folder and install the source again? Hmm... better look into it some more.
Thxs
Andy Judge
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Scott Patten
Sent: Friday, March 02, 2001 1:10 AM
To: [EMAIL PROTECTED]
Subject: Re: [expert] VPN software
> Is there an RPM for freeS/WAN or poptop available or do we need to install
> from source?
I've never seen one. I have looked. This makes sense though. Both
require patching the kernel. I know there are various capabilities added
to the Mandrake kernels (reiserfs, security patches, etc.) but I don't
think that freeS/WAN or PoPTop are included.
> Also, does 7.2 support the latest version of poptop and
> FreeS/WAN?
It doesn't support it in the sense that it doesn't ship with it. The only
way that I have seen these available is in source form. You compile the
patched kernel and you compile supporting software with one command
typically. The freeS/WAN docs cover this rather well.
> I assume the FreeS/WAN is more difficult to configure in a MS
> / Linux environment since it requires a 3rd party client software.
I'm not certain but I think that freeS/WAN will talk to MS IPSec. I have
not tried though. I saw somewhere that there is a (commercial?) PGP
package that supports this under Windows too.
Do you need to encrypt TCP traffic or UDP as well? Do you need to access
lots of ports or only a few? Do you have a couple users or many? A simple
(simple to set up) solution is to use OpenSSH on the linux server and
TerraTerm and TTSSH on the Windows client to gain access to specific ports
on a secure network. This isn't perfect by any means but it's much easier
to configure. I actually have used all 3 methods and I like freeS/WAN the
best. It also took the most time to configure and only works between 2
Linux systems.
I have seen other solutions on Freshmeat. I have tried a couple with no
success (because of a problem with ipchains and not the particular
software). There are solutions that don't require patching the kernel but
I think they only work in Linux or *nix environments.
Cheers,
Scott Patten
