[ale] vpn

Dow Hurst dhurst at kennesaw.edu
Thu Oct 18 12:32:58 EDT 2001


Chris,
If you try out the SSH connection then you will need to run a PPP tunnel
thru the SSH connection.  Also, PPP interfaces are dynamic so the order
that you bring them up is important once you script the startup.  The
overhead is the SSH encryption/decryption cycle so you want fast
reliable machines for your firewalls.  If you have real IPs behind the
firewalls, the firewalls will need to do proxy arp for anything not
moving thru the tunnel.  Might want to talk to Bob Toxen if you need a
quick professional solution as he worked out all the bugs on our
system.  It really works great and is extremely reliable.  The only
caveat is that after about half a Gig of traffic the counters in PPP may
overload.  We aren't quite sure what happened but that seems to be what
the error messages said.  However, that was about 4.5 months of straight
uptime for the VPN!
Dow


Christopher Bergeron wrote:
> 
> Am I correct in beliveing that I can just setup 2 linux boxen (one local,
> one remote), setup ipchains or iptables or whatever, and use ssh to tunnel
> all my traffic between the 2 securely (aside from the most recent ssh vuln)?
> I have some win clients on both sides, but couldn't I just forward
> everything across the secure wire?  I hate supporting windows (because I
> don't know how it works as well as i do linux).  I've got a samba PDC setup
> too.  Will windows be able to do it's silly little SMB stuff over ssh?
> Would I have to use ppp over ssh or something?  I'm new to vpn stuff, so any
> insights would be appreciated greatly (my brain is fried from long day at
> work).
> 
> eeech,
> CB
> 
> p.s.
> i got a job, thanks to everyone
> on the list whom gave me leads.
> 
> ---
> This message has been sent through the ALE general discussion list.
> See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
> sent to listmaster at ale dot org.

-- 
__________________________________________________________
Dow Hurst                   Office: 770-499-3428
Systems Support Specialist  Fax:    770-423-6744
1000 Chastain Rd.
Chemistry Department SC428  Email:dhurst at kennesaw.edu
Kennesaw State University         Dow.Hurst at mindspring.com
Kennesaw, GA 30144
*********************************
*Computational Chemistry is fun!*
*********************************

---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list