Hi Jim,
I have a couple of V20z's running VMWare. I have a Solaris VM for the Sun Ray server and a Red Hat VM for the VPN service. (Racoon). I have no performance issues, but I only have 5 sun rays connecting remotely. The only issue (big issue) I've had is that I wasn't able to configure raccon to accept multiple VPN tunnels from the same IP address. I've even tried using ipfilter on a separate Solaris VM, but I couldn't get it to allocate a dynamic IP pool to map the tunnels to so racoon could accept them as tunnels from different IP addresses. (I'm not sure if I've miss-configured racoon or ipfilter, but I couldn't find any info on the net to solve the problem).
In the end I just created virtual interfaces on the Red Hat VM and exposed them to the web. Each Sun Ray unit connects to a different IP. (So at the moment I can handle 5 sun rays per single IP.)
Hope all that makes sense. Stuart. ------ Stuart Robinson Collective Systems Ltd M: +44 (0)7866 433 911 E: [email protected] <mailto:[email protected]> www.collectivesystems.com <http://www.collectivesystems.com> ClearPath Broker: http://www.collectivesystems.com/clearpath Jim Klimov wrote:
Hello SunRay-Users, I've read with great interest a post a few months back, about using Linux-based raccoon VPN service to emulate Cisco EasyVPN to allow for SunRay connections. The choice of Raccoon and Linux was because no Solaris-based software stack allowed for adequate VPN server. Did anything change over the past months? Is it possible to build a pure Solaris-based VPN server which can accept SunRay2 connections? We want our Solaris 10u6 firewall/gateway server to do VPNs as well. We currently started to play around with OpenVPN 2.1rc15 - after looking around a bit we concluded that it seems to be the only VPN service capable of running on Solaris - and even that requires third-party TUN/TAP drivers. However it seems to run over IP (tcp/udp port 1194 by default) and does not use IP GRE (IP type 47) packets. Which kind of VPN is used by SunRays? Perhaps we didn't search long enough and there are some other free/open VPN software solutions on Solaris? If not, would a virtual machine running on top of the gateway machine (in VirtualBox or Xen xVM's) with a Linux Raccoon provide any sort of performance for this task (if only a POC or to connect a handful of SunRay at home DTUs to the office)? Kind of offtopic maybe, but perhaps someone knows: does the Xen or VirtualBox xVM's networking stack emulate the lowlevel network well enough to make these VPN servers runnable at all?
_______________________________________________ SunRay-Users mailing list [email protected] http://www.filibeto.org/mailman/listinfo/sunray-users
