[K12OSN] easy VPN?

Les Mikesell les at futuresource.com
Fri Apr 23 21:53:11 UTC 2004

On Fri, 2004-04-23 at 15:26, Julius Szelagiewicz wrote:

> 	I can actually use light-weight k12 server for remote end and a
> spare k12 server for hq end - cipe is obviously included. my problem with
> cipe is the documentation. it is rather verbose in obvious places and very
> sparse in non-obvious. The description of server end seems to translate
> into "and the magic happens here". the docs for openvpn are a bit scary.
> 	perhaps i just need to plug away at cipe. thanks, julius

I've used it for years to back up and sometimes replace frame relay
connections and it's one of those rare things that 'just works' once
you get about 6 entries right.  I started using it before RedHat added
the GUI so most of mine are hand-configured in the options file and
a lot of the endpoints are SME boxes where you have also have to tweak
the firewall rules, but I do have a box at home where I used the
GUI.  You basically pick two network addresses for the CIPE interface
endpoints (they can be arbitrary but I always use the 2 usable addresses
of a 4-host subnet just like it was a real WAN interface) and give it
the remote (real) address and UDP port for the tunnel packets.  If
you have trouble, I can look at the box at home and verify which address
goes where.  You also have to set up routing the same way you would if
it were a real WAN link.  It works best if you run it on a box that
is also your default gateway to the internet but other ways can work
if you add routes or run zebra (now quagga) with some routing protocol.

  Les Mikesell
    les at futuresource.com

