-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sridhar Dhanapalan wrote: > Perhaps a (messy) way around this would be to run Windows in a virtual > machine and run the VPN client in there. Then use that VM as a > proxy/gateway for the host machine. >
I work for a big bastard corporate who, by policy, allow connections in and out only via an ANCIENT Citrix gateway which is not compatible with the current Linux Citrix clients [1]. My "solution" is as below: to run a Windows VM (under VirtualBox) and connect back in that way. This is frustrating for several reasons: 1) I'm still running Windows. While I don't pay for the licenses (work supplies that), it's annoying to need to boot Windows for something so trivial. 2) My workflow is broken by having my main tools on my Linux system, and having direct access only from within a VM. 3) Ironically the Citrix gateway is the only valid way into the business remotely by their ageing security policy [2]. Somehow I can't help but wonder if Windows 2000 running Citrix 3.0 is less secure than a modern, fully patched Linux machine? More recently I've been required to do quite a lot of after hours work. It is now to the point that despite having a company-provided laptop and remote connection, I still drive into work after hours to perform more complex operations. And before anyone has a go at me for not running a supported SOE in a corporate, I am their Senior Linux/UNIX sysadmin, and run one of their certified environments for managing Linux/UNIX systems (i.e.: Ubuntu Linux). Anyways, less ranting more point: Windows VMs just for remote connections or VPNs is a pain in the butt. I find the concept of a modern University not providing access to non-Windows environments entirely short sighted in this day and age where almost every University on the planet with a computer science department has at least one Linux based course offered in it's curriculum. - -Dan [1] Connecting from a Linux machine with a modern Citrix client crashes the gateway server. Yes, I can DoS my own company by merely connecting in remotely. Brilliant work. [2] http://isc.sans.org/diary.html?storyid=5644 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkq2CfQACgkQeFJDv0P9Qb94mACfZ+REMUPxL3nzDiZVtI4Sqkt6 NgQAoJ8Eo1Ux4UXiiYyZvCESUI0V4CBL =nYB5 -----END PGP SIGNATURE----- -- ubuntu-au mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-au
