Re: VPN Solution for my current Situation.
perikillo wrote: Hi people. I want to know which is the best VPN solution i need to my current situation: 2 Offices 1 Mexico-Tijuana 1 E.U.-Otay Mesa(both in the border). In E.U. Offices with have: DNS+Firewall+Proxy Linux Mail Server Linux Samba Linux PBX Altigen Win NT ERP DBA Linux Backup FreeBSD. Mexico PBX Same system Samba ERP DBA(This is the busies from both sites) Backup FreeBSD 65 User 55 Mexico 10 E.U. 40 user in Mexico have mail account only 15 Internet access all the users in E.U have mail account Internet access. We share files, E.U. users access the ERP system in Mexico. If the users in Mexico need Internet, they have to reach the proxy in E.U. Both PBX systems have communication for company internal calls, external calls. All this communication of Voice and Data goes over one private link, but next year our contract is going to finish, them we need to negotiate the next contract. Another thing, is that we are planning to start the VoIP solution and see is we can remove our current PBX system with Asterisk. My questions es this: Supposed that we continue with the same Private Line, and we add another public line to do some VPN between both facilities if one link fail the other can continue(backup) or have both sharing the workload, with this workload which VPN solution is the best for my situation: IPsec, OpenVPN, etc? Speaking of FreeBSD, because there is where i want to deploy the VPN solution in Mexico, in E.U. we have there Linux, this can be problematic? Hope you understand my layout english, any advice is welcome, thanks all for your time!!! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] mpd for FreeBSD... it just works. -- Nathan Vidican [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: VPN Solution for my current Situation.
Hi Selon Nathan Vidican [EMAIL PROTECTED]: perikillo wrote: Hi people. I want to know which is the best VPN solution i need to my current situation: 2 Offices 1 Mexico-Tijuana 1 E.U.-Otay Mesa(both in the border). In E.U. Offices with have: DNS+Firewall+Proxy Linux Mail Server Linux Samba Linux PBX Altigen Win NT ERP DBA Linux Backup FreeBSD. Mexico PBX Same system Samba ERP DBA(This is the busies from both sites) Backup FreeBSD 65 User 55 Mexico 10 E.U. 40 user in Mexico have mail account only 15 Internet access all the users in E.U have mail account Internet access. We share files, E.U. users access the ERP system in Mexico. If the users in Mexico need Internet, they have to reach the proxy in E.U. Both PBX systems have communication for company internal calls, external calls. All this communication of Voice and Data goes over one private link, but next year our contract is going to finish, them we need to negotiate the next contract. Another thing, is that we are planning to start the VoIP solution and see is we can remove our current PBX system with Asterisk. My questions es this: Supposed that we continue with the same Private Line, and we add another public line to do some VPN between both facilities if one link fail the other can continue(backup) or have both sharing the workload, with this workload which VPN solution is the best for my situation: IPsec, OpenVPN, etc? Speaking of FreeBSD, because there is where i want to deploy the VPN solution in Mexico, in E.U. we have there Linux, this can be problematic? Hope you understand my layout english, any advice is welcome, thanks all for your time!!! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] mpd for FreeBSD... it just works. The choice is up to you - We also use OpenVPN for site-to-site VPN SSL tunnels and it is also a good and easy solution. Authentication is based on X509 certificates for cross-authentication - With OpenVPN's multiple and fine-grained options. We have good performance with strong encryption options. The protocol (UDP) encapsulation is also a nice feature. The Linux-FreeBSD is not a problem at all. -- Nathan Vidican [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Philippe Laquet. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: VPN Solution for my current Situation.
On 12/11/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Hi Selon Nathan Vidican [EMAIL PROTECTED]: perikillo wrote: Hi people. I want to know which is the best VPN solution i need to my current situation: 2 Offices 1 Mexico-Tijuana 1 E.U.-Otay Mesa(both in the border). In E.U. Offices with have: DNS+Firewall+Proxy Linux Mail Server Linux Samba Linux PBX Altigen Win NT ERP DBA Linux Backup FreeBSD. Mexico PBX Same system Samba ERP DBA(This is the busies from both sites) Backup FreeBSD 65 User 55 Mexico 10 E.U. 40 user in Mexico have mail account only 15 Internet access all the users in E.U have mail account Internet access. We share files, E.U. users access the ERP system in Mexico. If the users in Mexico need Internet, they have to reach the proxy in E.U. Both PBX systems have communication for company internal calls, external calls. All this communication of Voice and Data goes over one private link, but next year our contract is going to finish, them we need to negotiate the next contract. Another thing, is that we are planning to start the VoIP solution and see is we can remove our current PBX system with Asterisk. My questions es this: Supposed that we continue with the same Private Line, and we add another public line to do some VPN between both facilities if one link fail the other can continue(backup) or have both sharing the workload, with this workload which VPN solution is the best for my situation: IPsec, OpenVPN, etc? Speaking of FreeBSD, because there is where i want to deploy the VPN solution in Mexico, in E.U. we have there Linux, this can be problematic? Hope you understand my layout english, any advice is welcome, thanks all for your time!!! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] mpd for FreeBSD... it just works. The choice is up to you - We also use OpenVPN for site-to-site VPN SSL tunnels and it is also a good and easy solution. Authentication is based on X509 certificates for cross-authentication - With OpenVPN's multiple and fine-grained options. We have good performance with strong encryption options. The protocol (UDP) encapsulation is also a nice feature. The Linux-FreeBSD is not a problem at all. -- Nathan Vidican [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Philippe Laquet. I see that OpenVPN is the first choice, i will try this port first latter continue with other ones. Thanks all for your answer. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: VPN Solution for my current Situation.
hi perikillo, I'm prefer to use PoPToP than the another one. If you want to easy setup, you can also put webmin on the same server. regards, koro On Sun, 10 Dec 2006, perikillo wrote: IPsec, OpenVPN, etc? Speaking of FreeBSD, because there is where i want to deploy the VPN solution in Mexico, in E.U. we have there Linux, this can be problematic? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: about VPN solution
IPSEC not work on Win98 systems, and is not a very apreciated solution! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: about VPN solution
At 04:15 AM 8/11/2005, vladone wrote: IPSEC not work on Win98 systems, and is not a very apreciated solution! You can use mpd which is in ports (/usr/ports/net/mpd) to set up a PPTP server that will work with the windows VPN client. -Glenn ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: about VPN solution
Thanks all for reply. I read some about openvpn. Look good but, if i understand corectly, this not support pptp (that is default for VPN connections under Windows OS) and need an client aplication tu be installed on client machine. This is suported only on Win2000 and XP. I have an clients with Win98 and for this is not possibil to use openvpn. I read about authpf, look very good :). But this work with pf. I use ipfw with dummynet for traffic shaping and ipnat for nat. This require IPFW and IPFILTER. I think is not very good to enable three firewalls (with PF). Another problem, is that need for client to be authenticate via ssh. For 2-3 clients is ok, but for 100 is not very acceptable. I see for win possibil to use pppoe (for all version). Is possibil to build an solution with this? Hoe i can build an pppoe server? Or another solution? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
about VPN solution
Hi! I have an private network, that acces the internet via an freebsd gateway. I want to buil some authentication for my users, to prevent ilegal connections. When an user want to connect to my gateway (to acces the internet), require to enter user and password. My questions is: What solution, is best for this? I read some about VPN, but if someone have an better documentation aplicable for this situation please! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: about VPN solution
At 03:15 AM 8/9/2005, vladone wrote: Hi! I have an private network, that acces the internet via an freebsd gateway. I want to buil some authentication for my users, to prevent ilegal connections. When an user want to connect to my gateway (to acces the internet), require to enter user and password. My questions is: What solution, is best for this? m0n0wall should be able to do what you want, and it's based on FreeBSD. http://m0n0.ch/wall/ -Glenn I read some about VPN, but if someone have an better documentation aplicable for this situation please! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: about VPN solution
On 8/9/05, Glenn Dawson [EMAIL PROTECTED] wrote: At 03:15 AM 8/9/2005, vladone wrote: Hi! I have an private network, that acces the internet via an freebsd gateway. I want to buil some authentication for my users, to prevent ilegal connections. When an user want to connect to my gateway (to acces the internet), require to enter user and password. My questions is: What solution, is best for this? m0n0wall should be able to do what you want, and it's based on FreeBSD. http://m0n0.ch/wall/ -Glenn You could try openvpn (http://openvpn.net/) too. It can run as an extra service on your freebsd box and provide ssl based vpn access using ssl certificates for authentication. Panagiotis ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: about VPN solution
On 9 Srpen 2005, 17:16, Panagiotis Christias napsal(a): On 8/9/05, Glenn Dawson [EMAIL PROTECTED] wrote: At 03:15 AM 8/9/2005, vladone wrote: Hi! I have an private network, that acces the internet via an freebsd gateway. I want to buil some authentication for my users, to prevent ilegal connections. When an user want to connect to my gateway (to acces the internet), require to enter user and password. My questions is: What solution, is best for this? m0n0wall should be able to do what you want, and it's based on FreeBSD. http://m0n0.ch/wall/ -Glenn You could try openvpn (http://openvpn.net/) too. It can run as an extra service on your freebsd box and provide ssl based vpn access using ssl certificates for authentication. Panagiotis Hi, vladone, if I understand well your issue (to authenticate the inner users), I think authpf(8) could be probably your friend. Pavel. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: VPN solution
On 7/19/05, chris [EMAIL PROTECTED] wrote: Hello all, Im looking around for a VPN solution that utilizes IPSEC and ssl. What im really lookng for here on the list is suggestions. I need to use IPSEC and ssl due to what is being ran at work (running linux). I dont need anything fancy, just somthing that will connect using the above security measures. Im currently running 4.x. Any help would be appreciated. Thanks -- Christopher Johnson - [EMAIL PROTECTED] What's wrong with just a 3DES, CAST128, or Blowfish IPSec VPN with ESP for phase 2?... whats special about SSH on SSL on IPSec?, I'm clueless about all this kinda stuff? I think what your looking for is OpenVPN http://openvpn.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: VPN solution
On 7/20/05, Nikolas Britton [EMAIL PROTECTED] wrote: On 7/19/05, chris [EMAIL PROTECTED] wrote: Hello all, Im looking around for a VPN solution that utilizes IPSEC and ssl. What im really lookng for here on the list is suggestions. I need to use IPSEC and ssl due to what is being ran at work (running linux). I dont need anything fancy, just somthing that will connect using the above security measures. Im currently running 4.x. Any help would be appreciated. Thanks -- Christopher Johnson - [EMAIL PROTECTED] What's wrong with just a 3DES, CAST128, or Blowfish IPSec VPN with ESP for phase 2?... whats special about SSH on SSL on IPSec?, I'm clueless about all this kinda stuff? I think what your looking for is OpenVPN http://openvpn.net/ Umm and Is a P166 to slow to run a blowfish IPsec site to site VPN? I have that setup like that right now, here, and I'm getting at most 20KB/s to the other end of the VPN. Normaly I can upload 40 ~ 45KB/s to the internet at this location and the other end has a DS0. I think it's the P166 that's the problem but I just want a 2nd opinion before I dig in and spend time building a new firewall box any takers? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: VPN solution
On Tue, Jul 19, 2005 at 11:26:17PM -0400, chris wrote: Im looking around for a VPN solution that utilizes IPSEC and ssl. What im really lookng for here on the list is suggestions. I need to use IPSEC and ssl due to what is being ran at work (running linux). I dont need anything fancy, just somthing that will connect using the above security measures. Im currently running 4.x. Any help would be appreciated. Would freenx work for you? Uses X compression over SSH. Has native clients for OSX, Windows and Linux (not sure about a BSD client). If the server at the office is not running X, you could install X and ratpoison and pretend it is just screen on steroids. m ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
VPN solution
Hello all, Im looking around for a VPN solution that utilizes IPSEC and ssl. What im really lookng for here on the list is suggestions. I need to use IPSEC and ssl due to what is being ran at work (running linux). I dont need anything fancy, just somthing that will connect using the above security measures. Im currently running 4.x. Any help would be appreciated. Thanks -- Christopher Johnson - [EMAIL PROTECTED] pgptnIpQxjOfl.pgp Description: PGP signature
road warrior VPN solution needed
I'm looking for a solution to the following VPN setup: FreeBSD server on public IP address Private, firewalled office LAN Road warrior laptop users requiring access to the LAN Users are anywhere in the world, possibly behind NAT Users run Win2k or XP Client software must be minimal, and easy to install and configure It must be reliable Minimal budget Minimal patching and tweaking of server software would be a bonus. I'm prepared to get my hands dirty a little, but something that just werks without in-depth knowlege about IPSec and protocols would be good too. The need for a Windows pointy-clicky interface appears to imply use of either L2TP or PPTP. Getting Ipsec working to an XP machine, using Racoon and shared secrets seems to work OK. But I've just wasted a day trying to get either of poptop and l2ptd working. The debugging output is terrible, and I'm not sure if my ppp configs are at all sane. If anyone has a working Poptop or l2tpd setup, could they possibly give me a look at their config (including ipsec and ppp config)? I think I am missing something, but I'm not sure what. Alternatively, if anyone has advise on other solutions to this problem (including paying small sums for alternative software/hardware) then I'm all ears. Jon ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]