Mailing List Archive

RFC - Using Iptables/FreeSwan on 2 firewalls
Greetings,

I am exploring some options for a small company I work for... This company
has 2 offices, and needs a routing firewall that can also set up a VPN
between the 2 offices. I guess I'm looking for opinions or experiences of
anyone on this list if they have implemented something similar (i.e. 2
offices, VPN between them, using iptables).

Thanks,
Will Sarka
Re: RFC - Using Iptables/FreeSwan on 2 firewalls
I have implemented exactly this, with iptables firewalls at both ends and
VTUN (vtun.sourceforge.net) as the VPN/tunneling software. Note that
iptables doesn't really have anything at all to do with the tunneling, other
than being configured to allow the connections from the other location's
server.

This was fairly easy to set up (although I've been a Linux user/hacker for
many years now :-) and works very well.

----- Original Message -----
From: "Willis L. Sarka" <wlsarka@the-republic.org>
To: <netfilter@lists.samba.org>
Sent: Monday, August 06, 2001 12:48 PM
Subject: RFC - Using Iptables/FreeSwan on 2 firewalls


> Greetings,
>
> I am exploring some options for a small company I work for... This company
> has 2 offices, and needs a routing firewall that can also set up a VPN
> between the 2 offices. I guess I'm looking for opinions or experiences of
> anyone on this list if they have implemented something similar (i.e. 2
> offices, VPN between them, using iptables).
>
> Thanks,
> Will Sarka
Re: RFC - Using Iptables/FreeSwan on 2 firewalls
Go with Linux and FreeS/WAN. It works great, doesn't need very much CPU
power (a PII-300MHz processor should do it for a fair amount of traffic),
and it's very easy to set up.


/me

On Mon, 6 Aug 2001, Willis L. Sarka wrote:

> Greetings,
>
> I am exploring some options for a small company I work for... This company
> has 2 offices, and needs a routing firewall that can also set up a VPN
> between the 2 offices. I guess I'm looking for opinions or experiences of
> anyone on this list if they have implemented something similar (i.e. 2
> offices, VPN between them, using iptables).
>
> Thanks,
> Will Sarka
Re: RFC - Using Iptables/FreeSwan on 2 firewalls
Thanks,

I haven't heard of Vtun specifically, and yes, I know that the firewall
implementation is separate from the VPN tunnel between the two offices.
I'll check out vtun.

Thank you,
Will Sarka

On Mon, 6 Aug 2001, Kevin P. Fleming wrote:

> I have implemented exactly this, with iptables firewalls at both ends and
> VTUN (vtun.sourceforge.net) as the VPN/tunneling software. Note that
> iptables doesn't really have anything at all to do with the tunneling, other
> than being configured to allow the connections from the other location's
> server.
>
> This was fairly easy to set up (although I've been a Linux user/hacker for
> many years now :-) and works very well.
>
> ----- Original Message -----
> From: "Willis L. Sarka" <wlsarka@the-republic.org>
> To: <netfilter@lists.samba.org>
> Sent: Monday, August 06, 2001 12:48 PM
> Subject: RFC - Using Iptables/FreeSwan on 2 firewalls
>
>
> > Greetings,
> >
> > I am exploring some options for a small company I work for... This company
> > has 2 offices, and needs a routing firewall that can also set up a VPN
> > between the 2 offices. I guess I'm looking for opinions or experiences of
> > anyone on this list if they have implemented something similar (i.e. 2
> > offices, VPN between them, using iptables).
> >
> > Thanks,
> > Will Sarka
Re: RFC - Using Iptables/FreeSwan on 2 firewalls
iptables & free/swan(1) is working fine for me.
No need to lose time to make things work.
Tried cipe(2) too, maybe easier to configure but it needs to be an LKM. Don't really wanna use modules on my firewall kernels... who knows

Cheers,

a2k

(1) http://www.freeswan.org
(2) http://sites.inka.de/~bigred/devel/cipe.html

Willis L. Sarka wrote:
> Greetings,
>
> I am exploring some options for a small company I work for... This company
> has 2 offices, and needs a routing firewall that can also set up a VPN
> between the 2 offices. I guess I'm looking for opinions or experiences of
> anyone on this list if they have implemented something similar (i.e. 2
> offices, VPN between them, using iptables).
>
> Thanks,
> Will Sarka