On Tue, Sep 03, 2002 at 12:12:29AM -0700, Gordon Messmer wrote: > On Tue, 2002-09-03 at 03:40, Gary Stainburn wrote: > > On Tuesday 03 Sep 2002 11:14 am, Ionel Ploaie wrote: > > > i try o find a vpn client for linux (RedHat 7.3) > > > can somebody help? > > > > I missed one, http://tldp.org/HOWTO/VPN-HOWTO/index.html. This will probably > > be a much better resource than the Mini HOWTO I mentioned before. > > Matthew hasn't updated that document in a long time, but he means to. > In the meantime, the ssh-vpn scripts here: > http://www.dragonsdawn.net/~gordon/vpn/ > do what you want without excessive use of "sudo", or any programs that > aren't included in Red Hat Linux, and integrate nicely into Red Hat's > interface configuration scheme. This is an excellent option for UNIX to > UNIX VPN's where the two do not support other links, like IPSec.
Beware of vpn tunnels over TCP. They are dangerous, specially if you start to have packet loss. Since you have two TCP packets lost simultaneously, (the VPN transport packet and the data packet), you have double retransmission. Which leads to more packet loss which leads to more retransmission... get it? (See http://www.freesoft.org/CIE/Topics/141.htm). Note that this effect does not affect just ssh-basaed VPNs, but all TCP based ones. > Red Hat Linux also includes CIPE out of the box. This is an excellent > option for Red Hat Linux to RHL VPN's. Haven't tried cipe, but vtund works like a charm. The RPM install on both enigma and valhalla without a glitch and configuration is quite easy. It has support for encryption (hence the V), compression, shaping (somewhat flaky if you try it with compression enabled), though I've read that vtund's security is somewhat lax (http://pulhas.org/xploitsdb/mUNIXes/4989.html). > Links to Windows networks will probably require PoPToP. Links to IPSec > (the "standard" VPN protocol) will require freeswan. Cheers, -- Javier Gostling Ingeniero de Sistemas Virtualia S.A. [EMAIL PROTECTED] Fono: +56 (2) 202-6264 x 130 Fax: +56 (2) 342-8763 Av. Kennedy 5757, of 1502 Las Condes Santiago Chile
msg87238/pgp00000.pgp
Description: PGP signature
