Small VPN implementation (ideas?)

Seth Northrop seth at CALCULON.NORTHROPS.COM
Thu Jan 25 20:39:27 EST 2001


Just bumped into this list, but, didn't find an answer to this question
after a quick perusing.

I want to build a fairly simplistic VPN.

Currently a very simplistic view of an architecture looks like:

         --  Mail Server   Intranet
         |-  Web Server    DB
Internet |-  Firewall <--- File Server
         --  DNS           Internal LAN

Ideally, we want to allow remote users with both static AND/OR dynamic ip
addresses (dialup/DSL/Cable etc.) into the internal network securely so
that we can allow SMTP relaying to only occur from an internal interface /
SMTP server, along with giving users access to our corporate intranet
and/or fileserver(s).

Currently we are doing port forwarding from the firewall and POP
authenticated relay restrictions on the external mail server.  Neither
seem as clean as a VPN solution.

Clients are mostly Windows 95/98/2000 with the potential that windows ME
could pop into the picture.  There are also a few linux clients that could
gain access.

This is not a heavily remotely used network.  I wouldn't expect more than
a couple of people at any given point remotely accessing the
network.. and, of those they will not be pushing a large amount of data.

Are there any software (Linux) solutions out there that will accomodate
windows based clients with dynamic addressing?  If not, is the Cisco 1720
a suitable alternative for this configuration?  Or, are there other low
cost devices out there that will accomplish this objective?

Thanks for any input you can share!


VPN is sponsored by SecurityFocus.COM

More information about the VPN mailing list