LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 12-27-2006, 07:55 PM   #1
yogaboy
Member
 
Registered: Oct 2004
Location: Londinium
Distribution: CentOs 4, OSX Tiger
Posts: 93

Rep: Reputation: 15
fileserver - remote access suggestions


Hi,

I recently setup a CentOS Samba fileserver for a small office. They've asked if I can give them access outside of the office.

I've not set anything like this up before, and I was wondering if anyone could suggest a setup? It would be ideal if they client could be authenticated via a certificate (I can issue those), and that security is maintained without a huge amount of maintenance by me!

The gateway is a Netgear DG834 router that has VPN abilities (apparently) but I'm wondering about the performance and implications of using VPN.

I realise this is a general question but I am quite unsure of how to proceed. Any input is welcome and appreciated.
 
Old 12-27-2006, 09:14 PM   #2
macemoneta
Senior Member
 
Registered: Jan 2005
Location: Manalapan, NJ
Distribution: Fedora x86 and x86_64, Debian PPC and ARM, Android
Posts: 4,593
Blog Entries: 2

Rep: Reputation: 327Reputation: 327Reputation: 327Reputation: 327
The answer really depends on whether your clients use Windows or Mac/Linux. For Windows users, a VPN client tends to be easier. For Mac/Linux clients, SSH tunneling is more convenient (though they can certainly use VPN software as well). What client is needed, and the availability for each platform will be a concern. Cisco's VPN client is very popular, and almost universally available, but your router must be compatible with it.

Performance is the big issue with VPNs. Since many folks terminate VPNs on routers, the router must have dedicated hardware for the encryption. Without that, all processing is performed in the relatively small CPUs. It may work fine with a small number of sessions, but not scale. I'm not trying to convince you one way or the other - a small number of sessions may be enough for your application.

On the other hand, SSH terminates on server(s) or even workstations, which tend to have relatively powerful CPUs, and can easily handle dozens of sessions. SSH tends to be more flexible than VPN clients, which has both positive and negative aspects. You can do clever things like use local networked printers while sharing files remotely. That can sometimes be a challenge with some VPN clients. That same flexibility can let a client route traffic that you may not want over your company Internet connection.

There are a number of good books on VPNs, as well as SSH. There are many issues to consider if you want to keep your data secure, and it's worth your time to do some reading on the subject.
 
Old 12-27-2006, 09:20 PM   #3
yogaboy
Member
 
Registered: Oct 2004
Location: Londinium
Distribution: CentOs 4, OSX Tiger
Posts: 93

Original Poster
Rep: Reputation: 15
thanks for the reply. I've actually got a mixture of mac and windows clients! I've been reading some articles on VPN and they backup what you've said about performance. I'm going to read a bit about Putty or perhaps Cygwin and have think. I certainly know a lot more about SSH than VPN so I'd prefer to use that.

Thanks for the input and the links, a little late for Christmas but I'm sure I can treat myself to a good book!
 
Old 12-27-2006, 11:45 PM   #4
farslayer
Guru
 
Registered: Oct 2005
Location: Willoughby, Ohio
Distribution: linuxdebian
Posts: 7,232
Blog Entries: 5

Rep: Reputation: 189Reputation: 189
theres always the option of a ssl vpn running from the server..
http://3sp.com/showSslExplorerCommunity.do
http://sourceforge.net/projects/sslexplorer/

The client just needs a web browser to access the server then.. very platform independent, nothing really to configure on the client side..

And not only can they access the machine running the SSL VPN but you can configure it to allow them to access resources behind that machine.

Quote:
Why Should I Use SSL-Explorer: Community Edition?

The 3SP SSL-Explorer is the ideal solution for anyone who needs remote access to their firewalled network resources.

You no longer to install dedicated VPN software. Neither do you need to manually set up cryptic protocol forwardings.

And best of all, it is totally free to use.

Last edited by farslayer; 12-27-2006 at 11:47 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Suggestions for setting up a network machine with remote terminal access cav Slackware 4 11-11-2005 07:14 PM
Suggestions for remote AP install on old hardware tomklq Linux - Distributions 0 08-01-2005 12:31 PM
Suggestions needed for Samba & Netalk fileserver vidarz Linux - General 0 02-13-2004 08:17 AM


All times are GMT -5. The time now is 06:39 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration