[pptp-server] linux to linux pptp connection

ACEAlex alex at saers.com
Wed Nov 14 08:35:23 CST 2001 

Hello

Iwe been watching this newsgroup for some time. I want to be able to set up
a secure network over the internet so that i can run samba, or other
insecure protocolls without worring about security..

Because the clients where win2k or other ms boxes i thought that vpn would
be the easiest way. So i started to set it up using pptp. But i ran into
some problems.

First of all. You need to patch the kernel and all the patches that i found
are for 2.4.4, im using 2.4.14 right now :(..

So there seams to be another way with ipsec or pgp net. But ipsec wont give
me a new device in windows? And what about the software on linux, where do i
find that. The same question about pgpnet.

Thanx in advance
/Alexander

----- Original Message -----
From: "Jordan Share" <iso9 at phantasticant.com>
To: <hvrietsc at yahoo.com>
Cc: "Jerry Vonau" <jvonau at home.com>; "Tom Eastep" <teastep at shorewall.net>;
<knollst at tronicplanet.de>; <pptp-server at lists.schulte.org>
Sent: Tuesday, November 13, 2001 8:16 PM
Subject: RE: [pptp-server] linux to linux pptp connection


> For remote access, it's probably easier to get PPTP "dialin" working.
Freeswan does not support "remote" IPs in the same way.  You do not lease an
IP address on the local network, you just encrypt the traffic to and from a
given IP/Netmask.  This makes "roadwarrior" dialins a bit tricky.  If you
have a static IP on the Win2k box, then it's very easy to set up the IPSec
tunneling.  (Well, not easy, perhaps, but doable).  If you want to connect
roaming dialin users, then you need to jump through some hoops, or just use
PGPNet, or some other IPSec client software to manage things.
>
> The original post I was replying to was talking about using PPTP to
connect two LANs together.  Which is something that I think is much better
done with IPSec.
>
> Jordan
> -----Original Message-----
> From: pptp-server-admin at lists.schulte.org
> [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of
> hvrietsc at yahoo.com
> Sent: Monday, November 12, 2001 8:30 PM
> To: Jordan Share
> Cc: Jerry Vonau; Tom Eastep; knollst at tronicplanet.de;
> pptp-server at lists.schulte.org
> Subject: Re: [pptp-server] linux to linux pptp connection
>
>
> ok you got me curious, can i do the following with frees/wan:
>
> one secure box running frees/wan with one eth to the outside and one eth
> to the inside.
>
> then can i use win-2k and win 98 to connect to freesw/wan? if so what
> do they use for making the tunnels. for pptp connections i just have them
use the build
> in vpn connector or whatever M$ calls this. so what about ipsec? is this
supported
> by win/2k and win98?
>
> On Mon, Nov 12, 2001 at 10:42:35AM -0800, Jordan Share wrote:
> > I'd have to agree that FreeS/WAN is probably what you want to go with.
I've not had a tunnel go down yet.  (Well, as long as our DSL stays up.)
Also, you have the bonus that it interoperates with other IPSec
implementations (an advantage you don't have with vtund).  I set up
FreeS/WAN for connectivity to our backside LAN at the colo center
(connecting to a Netscreen100 firewall), and since then have been easily
able to add in tunnels for my network at home (FreeS/WAN) and to a
coworker's Win2k box.
> >
> > Plus, I really feel that the experience you gain in setting up a
FreeS/WAN tunnel is far more broadly applicable to other IPSec installations
than setting up some proprietary tunneling product (such as vtund).
> >
> > There's no way I'd ever use PPTP to tunnel two LANs together, if I had a
choice.  PPTP is for remote access, IMHO.
> >
> > Jordan
> >
> > -----Original Message-----
> > From: pptp-server-admin at lists.schulte.org
> > [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Jerry Vonau
> > Sent: Saturday, November 10, 2001 9:50 AM
> > To: Tom Eastep
> > Cc: knollst at tronicplanet.de; pptp-server at lists.schulte.org
> > Subject: Re: [pptp-server] linux to linux pptp connection
> >
> >
> > Tom:
> >
> > Just figured out vtund, I'm testing it now.
> > Have you played with it? Seems stable.
> >
> > Jerry Vonau
> >
> > Tom Eastep wrote:
> > >
> > > On Saturday 10 November 2001 08:28 am, Jerry Vonau wrote:
> > >
> > > > The fix is to have a reliable isp and hope their upstream is
reliable.
> > > >
> > >
> > > Or switch to an IPSEC tunnel -- For Linux<->Linux tunneling, I've
found
> > > FreeS/Wan to be more reliable than PPTP.
> > >
> > > -Tom
> > > --
> > > Tom Eastep    \  teastep at shorewall.net
> > > AIM: tmeastep  \  http://www.shorewall.net
> > > ICQ: #60745924  \_________________________
> > _______________________________________________
> > pptp-server maillist  -  pptp-server at lists.schulte.org
> > http://lists.schulte.org/mailman/listinfo/pptp-server
> > --- To unsubscribe, go to the url just above this line. --
> >
> > _______________________________________________
> > pptp-server maillist  -  pptp-server at lists.schulte.org
> > http://lists.schulte.org/mailman/listinfo/pptp-server
> > --- To unsubscribe, go to the url just above this line. --
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> --- To unsubscribe, go to the url just above this line. --
>
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> --- To unsubscribe, go to the url just above this line. --

More information about the pptp-server mailing list