OpenVPN [was: IPSec VPN docs]

Mark Haney mark.haney at doctordirectory.com
Fri Mar 26 19:24:01 UTC 2004 

Hey thanks for that.  I might try that if the DLINK people can't give me 
what I need.  I found a FreeSWAN doc about setting up an IPSec VPN from a 
DLINK firewall but it was in Russian, and since my Russian is rusty 
(*cough, non existant, cough*), it really hasn't helped much.  If FreeSWAN 
doesn't jive, I'll try that with the DLINK.

On 26 Mar 2004 11:06:25 -0800, Florin Andrei <florin at andrei.myip.org> 
wrote:

> On Sun, 2004-03-21 at 12:07, Mark Haney wrote:
>> I'm trying to get a VPN setup between my FC1 box at home and a DLink
>> DFL300 at my office so I can do some things securely without having to
>> make the 30 minute drive in to work to fix stuff.  I've googled the
>> subject and the amount of documentation is pretty immense.  Can someone
>> give me a shortened version what I need to configure or point me to a 
>> good
>> step by step doc on how to do it?
>
> Well, if IPSec is not a specific requirement, and if you actually could
> use any VPN solution that's simple to install, secure and feature-rich,
> have a look at OpenVPN:
>
> http://openvpn.sourceforge.net/
>
> A brief "cookbook recipe" HOWTO:
>
> http://fedoranews.org/contributors/florin_andrei/openvpn/
>
> IPSec VPN (like FreeS/WAN) is nice because it's compatible with all
> kinds of VPN devices and software.
> However, it can be a pain to install, even more so if you're using
> Windows clients (but Linux is not a lot simpler, especially if you have
> non-geek users). Also, it is very, very picky if there are firewalls in
> between, especially if you go through NAT.
>
> OpenVPN is very simple to install, it does not require weird kernel
> patches, it is firewall-friendly, works just fine with Windows (and
> Solaris, and BSD), can tunnel through proxies, etc.
>
> It is not a typical "SSL VPN" - i mean, it is not a browser-based VPN,
> even though it's using SSL to encrypt the tunnel. Think of it as exactly
> the same thing as FreeS/WAN except it's using SSL instead of IPSec;
> otherwise, it can route arbitrary IP protocols, it does not require a
> browser, etc.
> Just like FreeS/WAN, but without the pain.
>



-- 
Estne volumen in toga, an solum tibi libet me videre?

Mark Haney
Development, Systems and Network Administration
DoctorDirectory.com
http://www.doctordirectory.com

More information about the fedora-list mailing list