[vpn] vpn planning
Christopher Gripp
cgripp at axcelerant.com
Wed Mar 6 00:59:51 EST 2002
These boxes are in fact VPN capable. Supporting 3DES, IKE, etc. etc. Haven't tested them yet though. So this isn't a recommendation.
-----Original Message-----
From: Watson, Travis [mailto:Travis.Watson at Honeywell.com]
Sent: Tuesday, March 05, 2002 5:29 PM
To: 'mcse4dave at yahoo.com'; vpn at securityfocus.com
Subject: RE: [vpn] vpn planning
I'm not absolutely positive, but I would bet a lot of money that these routers will only pass T-DES traffic--the VPN
termination would still be with a host behind them (say, a FreeS/WAN box). If you find out differently, however, please
let me know because it would be very interesting for SOHO users.
--Travis
-----Original Message-----
From: mcse4dave at yahoo.com [mailto:mcse4dave at yahoo.com]
Sent: Wednesday, February 27, 2002 9:12 AM
To: vpn at securityfocus.com
Subject: Re: [vpn] vpn planning
Hi All,
I was wondering if anybody knows if there is any security issues using this
new VPN Router from Linksys (
http://www.linksys.com/Products/product.asp?grid=23&prid=411 )
They claim it can support up to 70 tunnels at once.
Could they be used instead of more difficult/expensive dedicated servers and
such?
Has anyone tried these?
Seems to me a proper link could be built for about $300.00 ( 2x$150 each )
and it seems very easy to configure.
Thanks,
David Hennessey
----- Original Message -----
From: "Travis Watson" <rtwatson at qwest.net>
To: "Steve Hunt" <stephen_hunt at sunguru.com>
Cc: <vpn at securityfocus.com>
Sent: Tuesday, February 26, 2002 10:26 PM
Subject: RE: [vpn] vpn planning
I'm not sure what you are running on the other side, but if you are running
FreeS/Wan on both sides (or at least two IPSec capable devices), no client
software is necessary. The VPN device will make the distant end look and
function like a logical extension of the existing LAN and vice-versa.
Two notes:
--FreeS/Wan can only do one subnet per secure connection. So if you need to
get to 5.5.0.0/16 and 6.6.0.0/16, it will require two different tunnels.
Not a big deal, but just so you know.
--IPX is bad juju with IPSec. If there is any Novel involved, try to
eliminate it or upgrade to 5.1
After the tunnel is up, just have the internal routers point remote end IPs
back to the inside IP of the VPN device, and you should be set.
Regards,
Travis
-----Original Message-----
From: Steve Hunt [mailto:stephen_hunt at sunguru.com]
Sent: Tuesday, February 26, 2002 3:47 PM
To: vpn at securityfocus.com
Subject: [vpn] vpn planning
Hi, I'm planning to install a vpn so that two of our locations can share
the same database,and access each other's local network shares. I had
planned to use free s/wan with a linux firewall like ipchains for this,
setting up a NAT with firewalling rules,then setting up the vpn on that
machine. After doing some reading, I see that there's probably more to
it. For example,do I need some kind of Windows vpn client for the windows
workstations? Is there anyway to make the vpn transparent to the user,such
that any traffic to the remote LAN is automatically routed through the vpn?
What are some general recommendations,as in what software should I use, how
to integrate firewalling into a vpn solution, sample hardware and software
setups? Thanks for any info, pointers etc yall can provide! Steve
VPN is sponsored by SecurityFocus.com
VPN is sponsored by SecurityFocus.com
VPN is sponsored by SecurityFocus.com
VPN is sponsored by SecurityFocus.com
VPN is sponsored by SecurityFocus.com
More information about the VPN
mailing list