Yep... it's dead easy to set up... a handful of menu choices and your done. We didn't use it with a VPN, but the rest I know works very well.
Vern Jon wrote: > Got some more feedback on this from James, he pointed me to IPCop which > looks kind of like an all-in-one package. > > Anyone used IPCop? > > On Wed, 2008-06-18 at 01:01 -0400, Rob Ludwick wrote: >> OpenVPN is good. Clients for Windows, Linux, and MacOS exist. >> >> Configuration can be done via X.509 certs as well as username/password >> authentication (or hey, if you're paranoid, both). >> >> It's more secure than Microsoft's PPTP, and it's faster than Tor. >> >> I do recommend you start here, it's the one I started off with. >> http://www.thebakershome.net/openvpn_tutorial >> >> Proto should be TCP... and heck, use TAP0 (Ethernet Bridging). >> >> It uses X.509 Certs, but if you look around there are configurations for >> Username/Password. >> >> --R >> >> >>> Here's what I'm thinking. I want a VPN box (likely Ubuntu and SSH based) >>> between my cable modem and my router. Any of my trusted machines run >>> over open wireless or cat5 to the router and are configured to connect >>> to the VPN. Then any connections over the open wireless or a tor exit >>> node get logged (both CYA and traffic snooping) and go out to the >>> internet. >>> >>> Goal is to explore the networking side of IT a little more, help my >>> paranoid bretheren with Tor, and learn how to build a system that can >>> safely function in a hostile environment. >>> >>> Depending on my mood I may also get a little grey-hat and see if >>> anything interesting is coming through the unsecured wireless and Tor. >>> >>> Some questions: >>> 1. Recommendations for a distro and VPN software for the VPN box? I'm >>> most comfortable with Ubuntu, but I'm open to other options. Obviously >>> the most common and easiest to configure VPN option wins. >>> 2. How can I prevent the open connections from the outside from getting >>> inside? I'm open to sharing my bandwidth, but I want to keep people from >>> peeing in my pool. >>> 3. How can I throttle (simple bandwidth cap) the unsecured traffic? The >>> day will come when I decide to find out how far I can push Comcast, it >>> will be the same day I decide to sign up for FiOS. >>> 4. How can I give secured traffic priority over unsecured traffic? I.E. >>> my ISO downloads come down BEFORE the tor node gets to myspace. >>> 5. How can I readily configure my own Linux boxes, my wifes Mac, and any >>> of my guests computers to connect to the VPN? Machines that regularly >>> use the network should autoconfgure. >>> 6. Any suggestions for dynamic DNS services? >>> 7. How can I sanely manage the logs for the open connections? Following >>> Bruce Scheiers idea of having an open wireless router is interesting, >>> but I would prefer a more reliable way of covering my ass. >>> >>> >> >> _______________________________________________ >> Fwlug mailing list >> [email protected] >> http://fortwaynelug.org/mailman/listinfo/fwlug_fortwaynelug.org _______________________________________________ Fwlug mailing list [email protected] http://fortwaynelug.org/mailman/listinfo/fwlug_fortwaynelug.org
