Redhat Posted June 1, 2005 Report Share Posted June 1, 2005 I'm looking to set up an IPSec VPN for a new company. It is so they can view the customer relations management software from outside the LAN, as it contains a ticket system which needs to be used on the job. Would it be OK to use FreeS/Wan or OpenS/Wan for this purpose? The host is running Linux, the clients will be using Windows. Does anyone recommend a good IPSec client, apart from the built in XPPro one? Many thanks. Quote Link to comment Share on other sites More sharing options...
Redhat Posted June 1, 2005 Author Report Share Posted June 1, 2005 No one? I'm also thinking of buying this instead of my current one, which does not seem to support IPSec or VPNs of any type: http://www.savastore.com/productinfo/produ...0249757&pid=206 Quote Link to comment Share on other sites More sharing options...
homecomputeraid Posted June 2, 2005 Report Share Posted June 2, 2005 Redhat,The open source products are pretty unwieldy. If you're comfortable configuring and updating them for the customer, go for it.I'm more accustomed to devices that come with their own IPSEC Client Software like Cisco's VPN Concentrator, or Nortel's Contivity.Cisco VPN Concentrator:http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/Nortel VPN Router (formerly Contivity):http://products.nortel.com/go/product_cont...48&locale=en-USBoth solutions are pretty expensive and may not be suitable for a very small office. You could try a Linksys solution. It sounds like it comes with Linksys QuickVPN Client: http://www.linksys.com/products/product.as...cid=29&prid=589The manual for the Linksys has some pretty good overviews of what VPN'ing is all about, but you sound like you understand that pretty well Redhat:ftp://ftp.linksys.com/pdf/rv082-ug-rev_C%20web.pdfI believe (although I've never done it myself) that Windows XP has a native capability to do IPSec. Here's a document on Microsoft's site concerning IPSec troubleshooting:http://support.microsoft.com/default.aspx?...kb;en-us;314831If you buy a hardware device and need help on placement, please post.[edit]The reason I suggest a device that comes with its own client is that it will work better with the device, and it will usually be easier to configure, have more options, and better troubleshooting abilities than the built in Windows client. Quote Link to comment Share on other sites More sharing options...
Redhat Posted June 2, 2005 Author Report Share Posted June 2, 2005 Thanks very much for all of that! I was looking into this : http://www.broadbandbuyer.co.uk/Shop/ShopD...&ShopGroupID=38I know the brand, they are well known for security in the groups I exist in :D I think it would be easier, but I would like to set up my own one first, just for kicks and experience :D OK I have installed Openswan, as it is the carry-on from the discontinued Freeswan. Am about to start configuring it all, will get back to you! Cheers mate. Quote Link to comment Share on other sites More sharing options...
homecomputeraid Posted June 2, 2005 Report Share Posted June 2, 2005 Good luck Redhat!That looks like a great firewall, but I saw no mention of VPN capabilities. Quote Link to comment Share on other sites More sharing options...
Redhat Posted June 3, 2005 Author Report Share Posted June 3, 2005 Virtual Server SupportI was suggested this router in another forum, I expect this is the VPN bit. Do I need a VPN router to host a VPN server "behind" it? Will it still route IPSec/PPP/L2TP traffic?Thanks as always. Quote Link to comment Share on other sites More sharing options...
homecomputeraid Posted June 3, 2005 Report Share Posted June 3, 2005 Redhat,I think the VPN will have to terminate at a server inside the Firewall in that configuration. It's easier to configure if it terminates at the Firewall, that's all. Quote Link to comment Share on other sites More sharing options...
Redhat Posted June 4, 2005 Author Report Share Posted June 4, 2005 Thanks. The current router does not support Protocol 47/50/51 so no VPN with that. I'm looking into business products at PCWB (shame on me :P ) as I have just set up a no-obligation account. The prices seem extremely reasonable! Thanks for the help so far. Quote Link to comment Share on other sites More sharing options...
Redhat Posted June 6, 2005 Author Report Share Posted June 6, 2005 OK I now have a D-Link with IPSec Passthrough. It also has PPTP but I have a few queries: After doing some reading (and reading my Security+ revision guide) I've come to the conclusion that PPTP is not secure enough for my needs. I need IPSec. How would IPSec/L2TP be as far as setting it up in Windows XP Pro? I suppose I could do it with Openswan, but first would like to try with XPPro. Anyone got any links to tutorials for IPSec/L2TP on XP Pro? Many thanks in advance! Quote Link to comment Share on other sites More sharing options...
Redhat Posted June 6, 2005 Author Report Share Posted June 6, 2005 S'alright, I found one :D http://www.microsoft.com/windows2000/techi.../ipsecsteps.asp Quote Link to comment Share on other sites More sharing options...
homecomputeraid Posted June 6, 2005 Report Share Posted June 6, 2005 Let us know how things progress. :) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.