Any VPN experiences out there?

[tmoore]

I'd like to set up a VPN server on my core so that I can access my files remotely.  Right now, I'm most interested in just accessing documents securely, but it could be good to stream audio, use VNC and maybe print remotely, too.  I know I can set up port forwarding, but I'd need to open up a bunch of ports.  The more ports that are open, the higher the security risk.  I'd be more comfortable just allowing a VPN to be set up, which would allow any traffic through securely.  Also, VPN software such as OpenVPN has been designed to face the public Internet, so I'd expect it to hold up better to attacks than software designed primarily for LANs.

Does anyone have any experiences of setting up something like OpenVPN on an LMCE core?  Before I have a go myself, I'd be interested to hear.

Thanks.

[Zaerc]

You could just tunnel with ssh.

[hari]

I use ipsec.

br, Hari

[bulek]

Hi,

I'm also interested in this one.... I'd be more than happy if I can get clearer picture of differences. Currently it seem at least three options (I'll put my comments out of my newbie knowledge - hopefully more experienced will correct me) :
- ssh tunneling : pros: easy to setup, only one port open     cons: weird access to files only through core, hard to get to local machines (samba shares,printing)

- IPsec (AFAIK true secure solution, but takes more computing resources - am I wrong?

- OpenVPN - this one attracts me most, but don't know much about it. It seems like you connect virtually to LAN from remote localtion, so all accesses are much easier to handle...

I'd be glad of some further discussion on this matter... I guess we're all about secure connection from external locations... This is one of the major feature being announced on HP SmartMedia demo movies :

http://www.youtube.com/user/hpmediasmart

I guess with some setup steps, we can be quite close to similar functionality under LMCE too....

Thanks in advance,

regards,

Bulek.

[superfro]

I use openvpn on a few boxes, but not on my lmce setup (not yet anyhow)... it should install really easy and there is a windows client and osx client....

Speed and reliability is good.

[indulis]

openvpn is neat, I've used it from my Linux computer to connect to my parents's computer and my brother's computer overseas.  Also from my Windows (work) laptop to do the same thing, as well as connect to my old Mythtv server.

Much easier now with the GUI.  The key generation is the hardeest bit, but you just follow the instructions and it is OK.

From there TightVNC to get to the desktop on Linux or Windows or UNIX (don't know about Mac but more than likely).

[zug]

I use openvpn. It is brilliant!
I have used IPsec (openswan) a few times and it's a complete nightmare! Although it is very stable when it's working, it can be such a pain to setup.

[bulek]

Hi,

thanks for responses so far... I guess VPN is a choice at the moment. Can anyone devote few moments to describe basics of setiing up VPN under LMCE on Wiki ?

I guess it would be really helpful to secure our LMCE installations...

Thanks in advance,

regards,

bulek.