Solved

VPN tunneling

Posted on 2006-11-22
3
414 Views
Last Modified: 2010-03-17
Hi,

I need some advice and preferably a good howto to do the following:

I have one central SuSE 10 machine which is behind a firewall but has one to one NAT static IP assigned to it. I would like to have several SuSE machines VPN to this one from other locations. A sort of call home if you want. These will be behind different firewalls depending on the location.

The tunnel must only be between the central machine and the ones offsite not the entire networks.

What do you recommend for this type of structure?

and do you have any good howtos for this?

Thanks
0
Comment
Question by:inf2300
3 Comments
 
LVL 40

Accepted Solution

by:
noci earned 500 total points
ID: 18002274
I recommend ipsec based solutions as they are widely implemented. In various types of wardware that can interoperate. CAN is operative here, not all implementations in ADSL modems etc. are equaly well done, if even the firmware is kept up to date.

You don't tell what the firewall is that you use up central, but in this case it might well be done from the susebox as well (because of the 1:1 nat).

Openswan (formerly named super-freeswan) carried on with freeswan development after the freeswan team quit because they reached their goal (opportunistic VPN capabilities). Ie read: being able to build on demand tunnels with a PKI as base.


0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question