Firewall Wizards mailing list archives
Re: Newbie VPN setup/configuration question
From: Kathy Bieltz <kbieltz () hal-pc org>
Date: Thu, 18 Jul 2002 10:21:18 -0500
Dave, Thanks for your info on how to setup and get a VPN connection working. My husband doesn't just transfer files, he displays back to his Linux box the GUI interface for a Seismic Data processing program that is very graphic intensive running on the computer at work. We use 'vncviewer' to speed up the graphic display to his Linux box so he can pick velocities, etc. Do you know anything about SMC's Barricade Plus($109)? It's cheaper than SonicWALL TELE3($500). Here's the hardware setup I invision - will this work? work LAN | SonicWALL | ISP . internet . | ISP | DSL Modem | SMC7004ABR Broadband router (VPN passthrough) | Home LAN | | | | | WinXP Computer (TCP/IP) | Linux Computer (TCP/IP) SMC7004FW Broadband router (VPN IPSEC & PPTP) | Wireless AP | Wireless NIC | Linux computer (TCP/IP) running 'vncviewer' Kathy Bieltz Dave Piscitello wrote:
SonicWall does work with other vendor VPN appliances. We have several running in a multi-vendor test network we use to teach VPNs at Networld/Interop, etc. The other vendor equipment includes CheckPoint, WatchGuard, Netscreen, and the products formerly known as the Nokia CryptoCluster (abandoned product line) and RapidStream (acquired by WatchGuard). The *trick* with multi-vendor VPNs is matching IKE and IPsec policies both ends support. We've been successful with SonicWall and other vendor equipment when we use IKE (pre-shared secrets, Diffie Hellman Group 2, SHA1, 3DES, Perfect Forward Secrecy, 8 hour lifetime) and IPsec (ESP, SHA1, 3DES). There is at least one documented bugs in the SonicWall GUI that can throw you for a loop when you go the multivendor route, so visit the support site. SonicWall OEMs the SafeNet VPN client. This is a win32 software package and it's a very clean install. WatchGuard and Netscreen also OEM this client, as do several other VPN vendors. You can get a Free S/WAN client, open source and executables, for Linux. I don't know of anyone who's tried this with a SonicWall, but check first that you can configure the IKE and IPsec SA parameters I suggested above. I know Free S/WAN supports raw public keys - Sonic does not, so crawl before you walk. Frankly, you'd probably spend less time creating a Win32 partition (dual boot) on your husband's Linux box, or (better) install the SafeNet VPN client on another Win32 machine in your house, and have him use SAMBA to mount and transfer files between his linux machine and the VPN client.
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Newbie VPN setup/configuration question Kathy Bieltz (Jul 17)
- Re: Newbie VPN setup/configuration question Tony Howlett (Jul 18)
- Re: Newbie VPN setup/configuration question Paul D. Robertson (Jul 18)
- Re: Newbie VPN setup/configuration question Dave Piscitello (Jul 18)
- Re: Newbie VPN setup/configuration question Tony Howlett (Jul 18)
- Re: Newbie VPN setup/configuration question Kathy Bieltz (Jul 18)
- Re: Newbie VPN setup/configuration question Tony Howlett (Jul 18)
- Re: Newbie VPN setup/configuration question Tony Howlett (Jul 18)
- Re: Newbie VPN setup/configuration question Devdas Bhagat (Jul 18)