Re: [fw-wiz] Newbie VPN setup/configuration question
From: Kathy Bieltz (kbieltz@hal-pc.org)
Date: 07/18/02
- Next message: Greg Polanski: "Re: [fw-wiz] FWTK and smap/smapd"
- Previous message: Tony Howlett: "Re: [fw-wiz] Newbie VPN setup/configuration question"
- In reply to: Dave Piscitello: "Re: [fw-wiz] Newbie VPN setup/configuration question"
- Next in thread: Tony Howlett: "Re: [fw-wiz] Newbie VPN setup/configuration question"
- Reply: Tony Howlett: "Re: [fw-wiz] Newbie VPN setup/configuration question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Kathy Bieltz <kbieltz@hal-pc.org> To: Dave Piscitello <dave@corecom.com> Date: Thu Jul 18 13:13:01 2002
Dave,
Thanks for your info on how to setup and get a VPN connection
working. My husband doesn't just transfer files, he displays back
to his Linux box the GUI interface for a Seismic Data processing
program that is very graphic intensive running on the computer
at work. We use 'vncviewer' to speed up the graphic display to his
Linux box so he can pick velocities, etc.
Do you know anything about SMC's Barricade Plus($109)? It's cheaper
than SonicWALL TELE3($500).
Here's the hardware setup I invision - will this work?
work LAN
|
SonicWALL
|
ISP
.
internet
.
|
ISP
|
DSL Modem
|
SMC7004ABR Broadband router (VPN passthrough)
|
Home LAN
| | |
| | WinXP Computer (TCP/IP)
| Linux Computer (TCP/IP)
SMC7004FW Broadband router (VPN IPSEC & PPTP)
|
Wireless AP
|
Wireless NIC
|
Linux computer (TCP/IP) running 'vncviewer'
Kathy Bieltz
Dave Piscitello wrote:
> SonicWall does work with other vendor VPN appliances. We have several
> running in a multi-vendor test network we use to teach VPNs at
> Networld/Interop, etc. The other vendor equipment includes CheckPoint,
> WatchGuard, Netscreen, and the products formerly known as the Nokia
> CryptoCluster (abandoned product line) and RapidStream (acquired by
> WatchGuard).
>
> The *trick* with multi-vendor VPNs is matching IKE and IPsec policies both
> ends support. We've been successful with SonicWall and other vendor
> equipment when we use IKE (pre-shared secrets, Diffie Hellman Group 2,
> SHA1, 3DES, Perfect Forward Secrecy, 8 hour lifetime) and IPsec (ESP, SHA1,
> 3DES). There is at least one documented bugs in the SonicWall GUI that can
> throw you for a loop when you go the multivendor route, so visit the
> support site.
>
> SonicWall OEMs the SafeNet VPN client. This is a win32 software package and
> it's a very clean install. WatchGuard and Netscreen also OEM this client,
> as do several other VPN vendors.
>
> You can get a Free S/WAN client, open source and executables, for Linux.
> I don't know of anyone who's tried this with a SonicWall, but check first
> that you can configure the IKE and IPsec SA parameters I suggested above. I
> know Free S/WAN supports raw public keys - Sonic does not, so crawl before
> you walk.
>
> Frankly, you'd probably spend less time creating a Win32 partition (dual
> boot) on your husband's Linux box, or (better) install the SafeNet VPN
> client on another Win32 machine in your house, and have him use SAMBA to
> mount and transfer files between his linux machine and the VPN client.
- Next message: Greg Polanski: "Re: [fw-wiz] FWTK and smap/smapd"
- Previous message: Tony Howlett: "Re: [fw-wiz] Newbie VPN setup/configuration question"
- In reply to: Dave Piscitello: "Re: [fw-wiz] Newbie VPN setup/configuration question"
- Next in thread: Tony Howlett: "Re: [fw-wiz] Newbie VPN setup/configuration question"
- Reply: Tony Howlett: "Re: [fw-wiz] Newbie VPN setup/configuration question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
