[geeks] VPN/Tunneling
Michael Parson
mparson at bl.org
Mon Jun 26 13:56:01 CDT 2006

On Mon, Jun 26, 2006 at 02:44:16PM -0400, Sridhar Ayengar wrote:
> I need to build a small VPN between two locations. One location
> contains a private network and a DMZ, and the other just has a private
> network. All three networks need to access each other. The router on
> the side that has the DMZ is a Cisco 7505 running IOS 12.4(1) with all
> the bells and whistles, and the other side is a NetBSD box. I would
> appreciate any suggestions, since I don't have any experience setting up
> VPNs. Thanks.

Don't know that a Cisco 7505 can be used as a VPN end-point, never
looked into that.

You could always put a small NetBSD (or whatever free OS you want) box
on each network and VPN them together. Take a look in $PKGSRC and look
for the various VPN stuffs in there:

[/usr/pkgsrc/net]# grep -i vpn */DESCR
openvpn/DESCR:OpenVPN is a robust and highly flexible tunneling application
poptop/DESCR:wished to include Linux servers in PPTP established VPNs. PoPToP resolves
poptop/DESCR:VPN environment. This enables administrators to leverage the considerable
tinc/DESCR:tinc is a Virtual Private Network (VPN) daemon that uses tunnelling and
tinc/DESCR:Because the VPN appears to the IP level network code as a normal network
tinc/DESCR:device, there is no need to adapt any existing software. This allows VPN
tinc/DESCR: other, VPN traffic is always (if possible) sent directly to the
tinc/DESCR:o Easily expand your VPN
tinc/DESCR: When you want to add nodes to your VPN, all you have to do is add an extra
vpnc/DESCR:vpnc is a VPN client for the Cisco 3000 VPN Concentrator, creating
vtun/DESCR:it can be used for various network task like VPN, Mobile IP, Shaped

There are also a couple of things in security/ that might be of use:

[/usr/pkgsrc/security]# grep -i vpn */DESCR
ipsec-tools/DESCR:Ipsec-tools' racoon is able to act as a VPN server for the
ipsec-tools/DESCR:Cisco VPN client using hybrid authentication.
ssh-ip-tunnel/DESCR:Simple VPN system using pppd over ssh.

--
Michael Parson
mparson at bl.org