SnippedSorry to slightly change the direction of this thread... I now have a new email client that at least doesn't do it without my knowledge (:
I have RedHat 9 on each site. I could build a couple of IPCop Boxes and have them changed over if that would meet all the requirments. What's the difference?
A huge difference. IPCop is an SPI Firewall distro and the VPN config is via GUI, not some esoteric config files that IPSec experts only understand.
That said, you should look at IPCop v1.4beta for your VPN, IMHO. The beta version allows for a blue interface, designated for wireless. Chuck an access point on the blue, plug in the mac address and the blue goes to red, but not green by default. For VPN, yes it is a little bit tricky with IPCop for beginners, but a damn sight better than manual config. It does a two node VPN very well. I do not have it going with more than two nodes, but did not try that hard as the GUI does not allow for that AFAIK. Remember that right stands for Red, and left for Local network, and you are set in IPCop. There is a surprising amount of support and extras for IPCop when you go looking for it. Like anything, you need to play in a LAB environment before.
Ciao, Dave
I have only used vpns from Linux to a windoze server, using ppp/pptp. Very problematic at the best of times, as you find that many sites are uncontactable because the Linux sw refuses to work at such low security level as that offered by the M$ side ( eg the default offered by NT4 )! I've also set up Cisco <-> Cisco stuff, but that's at the other end of the spectrum. Does IPCop offer a decent middle ground between the two, easyish to set up and a fraction of the cost of two Cisco routers or firewalls?
I'm trying to get away from the last few M$ hurdles... rdesktop and vpns would do it, now that Larry Ellison is so pro Linux ( yeah, as long as you pay for your Linux installation, you get supported Oracle ! ).
The only sites that I can trial on are those of my customers, so I don't want to push it too far, as you can imagine! Unless anyone's got a test site out there I can play with. I'm most happy to publish my results, as I'll be writing it all down anyway, my grey matter being greyer than most.
Cheers,
Steve
