Re: [smartos-discuss] Proposed Experimental Setup

2017-08-07 Thread Jason King
August 6, 2017 3:48:50 AM Subject: RE: [smartos-discuss] Proposed Experimental Setup All the IPsec utilities are still there (sadly the in.ike bits are still closed source).  You’d likely want to do everything from a zone since there’s nothing setup in a smartos global zone to use them. On Aug

Re: [smartos-discuss] Proposed Experimental Setup

2017-08-07 Thread Miroslav Bagljaš
2017 3:48:50 AM Subject: RE: [smartos-discuss] Proposed Experimental Setup All the IPsec utilities are still there (sadly the in.ike bits are still closed source).  You’d likely want to do everything from a zone since there’s nothing setup in a smartos global zone to use them. On August 5

RE: [smartos-discuss] Proposed Experimental Setup

2017-08-05 Thread Jason King
All the IPsec utilities are still there (sadly the in.ike bits are still closed source).  You’d likely want to do everything from a zone since there’s nothing setup in a smartos global zone to use them. On August 5, 2017 at 5:27:18 AM, a b (tripivc...@hotmail.com) wrote: While we are on th

Re: [smartos-discuss] Proposed Experimental Setup

2017-08-05 Thread Lonnie Cumberland
Thanks to everyone who has commented on the proposed experimental setup as your input is truly appreciated. Actually, I firmly believe that hardware VPN solutions are the best approach for consolidated data centers and are the optimal path. The proposed experiment is just to test one small part o

RE: [smartos-discuss] Proposed Experimental Setup

2017-08-05 Thread a b
While we are on the subject of VPN, I used to run a datacenter triad (4200 km distance, 100ms latency) just by using Solaris 10, IPFilter and built-in IPsec. IPsec was configured via pkgadd(1M) and used a pre-shared key which changed every three minutes via built-in IKE daemon. What is the statu

Re: [smartos-discuss] Proposed Experimental Setup

2017-08-04 Thread Steve
Thank you! There is one note I'd like to remind people about on the subject of VPNs and security. VPNs are great solutions to join different remote networks and allowing people to work from home, lot's of flexibility! The invisible elephant in the room is the often missed liability with nice sec

RE: [smartos-discuss] Proposed Experimental Setup

2017-08-03 Thread the outsider
Welcome at the SmartOS club ! 😉 No matter what or how you decide (SDC/TDC/ pure SmartOS) I would strongly suggest that you use a hardware VPN solution. I always use Cisco ASA5512 in the front of our servers. Although it costs approx. € 2500,- including licenses and setup costs, I am 99.99%