[geeks] VPN/Tunneling

Sridhar Ayengar ploopster at gmail.com
Mon Jun 26 13:59:07 CDT 2006


Michael Parson wrote:
> On Mon, Jun 26, 2006 at 02:44:16PM -0400, Sridhar Ayengar wrote:
>> I need to build a small VPN between two locations.  One location 
>> contains a private network and a DMZ, and the other just has a private 
>> network.  All three networks need to access each other.  The router on 
>> the side that has the DMZ is a Cisco 7505 running IOS 12.4(1) with all 
>> the bells and whistles, and the other side is a NetBSD box.  I would 
>> appreciate any suggestions, since I don't have any experience setting up 
>> VPNs.  Thanks.
> 
> Don't know that a Cisco 7505 can be used as a VPN end-point, never
> looked into that.
> 
> You could always put a small NetBSD (or whatever free OS you want) box
> on each network and VPN them together.  Take a look in $PKGSRC and look
> for the various VPN stuffs in there:
> 
> [/usr/pkgsrc/net]# grep -i vpn */DESCR
> openvpn/DESCR:OpenVPN is a robust and highly flexible tunneling application
> poptop/DESCR:wished to include Linux servers in PPTP established VPNs.  PoPToP resolves
> poptop/DESCR:VPN environment.  This enables administrators to leverage the considerable
> tinc/DESCR:tinc is a Virtual Private Network (VPN) daemon that uses tunnelling and
> tinc/DESCR:Because the VPN appears to the IP level network code as a normal network
> tinc/DESCR:device, there is no need to adapt any existing software. This allows VPN
> tinc/DESCR:    other, VPN traffic is always (if possible) sent directly to the
> tinc/DESCR:o Easily expand your VPN
> tinc/DESCR:    When you want to add nodes to your VPN, all you have to do is add an extra
> vpnc/DESCR:vpnc is a VPN client for the Cisco 3000 VPN Concentrator, creating
> vtun/DESCR:it can be used for various network task like VPN, Mobile IP, Shaped
> 
> There are also a couple of things in security/ that might be of use:
> 
> [/usr/pkgsrc/security]# grep -i vpn */DESCR
> ipsec-tools/DESCR:Ipsec-tools' racoon is able to act as a VPN server for the
> ipsec-tools/DESCR:Cisco VPN client using hybrid authentication.
> ssh-ip-tunnel/DESCR:Simple VPN system using pppd over ssh.

My apologies, but I guess I wasn't clear.

I'm not really looking for a VPN management application.  I am looking 
to see if someone can compare the upsides/downsides of the various 
*protocols*.  (PPTP, IPIP, GRE, etc.)

Thanks.

Peace...  Sridhar


