RES: How configure VPN server in a Linux BOX

Thu May 3 21:44:45 EDT 2001

On Thursday 03 May 2001 17:14, Luiz Andrade wrote:

> > Thank You
>
>     Please, freeswan function with WIndows 9x Clients ? Where I can find
> any documentation ? Thanks.
>
From:
http://www.freeswan.org/freeswan_trees/freeswan-1.8/doc/interop.html

I would recommend GPGnet:
http://web.mit.edu/network/pgp.html

===
Windows clients

 Quite a number of client programs for IPSEC on Windows are available. Many
of them are listed in this piece of list mail: Subject: Re: Searching
Windows95/98 and NT4.0 Clients for FreeS/WAN
    From: Claudia Schmeing >claudia at coldstream.ca<
    Date: Wed, 12 Jul 2000

F-Secure VPN+
-------------
for Win 95, 98 and NT 4.0
http://www.datafellows.com/products/vpnplus

Checkpoint SecureRemote VPN-1 4.1
---------------------------------
for Win 95, 98 and NT
http://www.checkpoint.com/techsupport/freedownloads.html

Raptor Firewall, Raptor MobileNT 5.0
-------------------------------------
Mobile NT is a "Client"* for Win 95, 98 (except SE), First Edition Windows NT
up to Service Pack 4. It ships with DES; triple DES may be available as an
add-on depending on your location.

Firewall is for Win NT 4.0 or Win 2000.
http://www.axent.com

IRE SafeNet SoftPK
------------------
a "Client" for Win 95, 98 and NT 4.0 *
http://www.ire.com

Xedia's AccessPoint QVPN "Client" or "Builder"
----------------------------------------------
"Builder" is for NT
"Client" is for Win 98 *
http://www.xedia.com

* "Client" in this context indicates software that does not support a subnet
behind its end of the connection.

 That mail omits the PGPnet client because the user asking the question
already knew of it.Windows 2000

Windows 2000 ships with an IPSEC implementation built in. There may be
restrictions. We have had mailing list reports that only the server version
will act as a gateway, working with a subnet behind it, and other versions
offer only "client" functionality, with no subnet. We are unclear on details.

Some versions of Windows 2000 ship with only weak encryption. You need to
upgrade them with the strong encryption pack, available either via the
Windows 2000 update service or from Microsoft's web site.

Windows 2000 IPSEC sometimes exhibits remarkably odd behaviour. It will allow
you to configure it for 3DES only, then ignore your settings and fall back to
single DES in some circumstances. Microsoft have said they will fix this. See
this Wired article.

We know of one bug report for the strong encryption upgrade. It is fixed in
service pack one. You should of course check for later reports or ones we
missed.

> -----Mensagem original-----
> De: Jon Carnes [mailto:jonc at haht.com]
> Enviada em: quinta-feira, 3 de maio de 2001 15:17
> Para: Luiz Andrade; VPN at SECURITYFOCUS.COM[Luiz Gustavo de Andrade]
> Assunto: Re: How configure VPN server in a Linux BOX
>
>
> With Linux you have a lot of options...
>
>   Poptop:  http://poptop.lineo.com/ <http://poptop.lineo.com/>   which is
> an implementation of Point to Point Tunnel Protocol (PPTP) and works with
> all Microsoft clients.
>
>   FreeSwan:  http://www.freeswan.org/ <http://www.freeswan.org/>   which is
> a full suite of IPSec tools including VPN's and their clients.
>
> You may also want to check our Secure Shell: http://www.openssh.com/
> <http://www.openssh.com/>   for secure point to point communications.
>
> There are also numerous site to site VPN's available, but you *seem* to be
> asking about client to site.
>
> Jon Carnes
>
> ----- Original Message -----
> From: Luiz Andrade <mailto:landrade at INFRA.IMARES.COM.BR>
> To: VPN at SECURITYFOCUS.COM <mailto:VPN at SECURITYFOCUS.COM>
> Sent: Wednesday, May 02, 2001 10:23 AM
> Subject: How configure VPN server in a Linux BOX
>
>
> HI,
>
>         I´m younger in this mail list and I have a big problem, configure
> one Linux Box ( kernel 2.2.19 ) is VPN server. I have many clients outside
> my company and this clients need to connect with my internal server with
> private IP, and I have One Linux Box with Proxy and Firewall working.
> Please this is possible ? Why ? Please help me.
>
>         Thanks for all
>
>   Luiz Gustavo de Andrade
> Grupo Imares / Infraestrutura
>     Tel: 55 (11)3879-2298

----------------------------------------
Content-Type: text/html; charset="iso-8859-1"; name="Attachment: 1"
Content-Transfer-Encoding: quoted-printable
Content-Description:
----------------------------------------

VPN is sponsored by SecurityFocus.COM