-   Linux - Networking (
-   -   Best way to set up tunnel (

dgermann 07-14-2008 10:11 PM

Best way to set up tunnel

Please, what's the best way to accomplish this sort of a tunnel?

File server is RedHat 9.0 box running samba. Have both Windows and Ubuntu machines accessing the server files, running OOo, mostly. This is a production setting. Total of about 7 or 8 machines accessing the server at any one time.

Linux machines connect via cifs mounts.

One of my people wants to work from his home. I will send an Ubuntu box home with him.

Previously had an employee access from her home using pptp. We shut that connection down when she left our employ. pptpd is still on the server.

So my questions:

1. What are my choices for making the most robust connections? pptp openssh gstm something else?

2. If we go ssh, can the shares still be mounted via cifs?

3. If we go ssh (I have read that pptp is not very secure), will file locks work properly so that if remote person via ssh opens a file, a local person connecting via cifs will not be able to open and edit the same file simultaneously?

4. Is there a way to limit the connection coming in to just one machine, such as by restricting connection to a specific mac address?

5. Are there any sites which give the pluses and minuses and the options for such a network? I have been googling around and have not yet found anything.


williebens 07-14-2008 11:49 PM


Do you know about openpvpn?
It establishes a tunnel to connect two private networks. However, I do not know about the cifs requirements.


dgermann 07-15-2008 09:48 PM


Many thanks. That looks like it might be a good option.

Wonder if there is a way to check this out while both computers are in one room?

Anyway, have you used openvpn? What can you tell me about it, if you have.

Many thanks, Willie!

uncle_philip 07-16-2008 01:44 AM

go to openvpn web-site and have a look, they have a quick guide to help you to start.
yes, you can test 2 computers side by side, under local network.
it is just like normal vpn, after login, client assigns a local ip-addr.

dgermann 07-16-2008 09:55 PM


Thanks! That's what I was hoping for--it's easier to fix problems when you have both machines in front of you than if you have to talk someone through it!

All times are GMT -5. The time now is 08:15 AM.