I'm trying to setup a simple vpn so I can vpn into my house and have access as if I was connected to the switch.

i looked at various solutions such as openvpn, openswan and pptpd. they are very poorly documented and I can't find much online on how to get them working.

I'm more interested in pptpd as even though it's less secure it looks like it's the simplest (no certificates and stuff) and I will tunnel it via SSH anyway. The issue I'm having is that it's only listening locally, I also don't know how to create users for it, as there is no documentation.

Try some of these links for poptop the pptpd server http://poptop.sourceforge.net/dox/ http://www.poptop.org/PoPToP-RedHat-HOWTO.txt http://articles.techrepublic.com.com...1-6031577.html

In all earnest poptop is pretty easy to setup, most of the stiff is actually setup in PPP documents. However, if you are using SSHthen you are defeating the purpose of a VPN more or less anyways. You can all ready tunnel excrypted traffic through SSH.

the reason I want the vpn is so I can also route.

Ex: I open ssh, I have to specify which ports and which servers to tunnel through. With vpn, everything is open. I just access the Ip directly as if I'm plugged right in.

Or is there a way to do this with just ssh? Since if yes that would be even better.

At least, what I'd love to be able to do is map a samba share in windows, over ssh. So if vpn wont work out, that's my 2nd option.

you Can simply use the best Open source solution VPN (OpenVpn) and there is a good book which is open vpn with a picture of parrot on it we will learn alot from this book

Tried open vpn but it's very badly documented so I could not figure it out. Though I did not know about the book, I'll see if I can find it online

What's bad about the openvpn documentation? It's more than sufficient to get you up and running in several ways? Are you looking at the same site I am?

http://www.openvpn.org/index.php/doc...ion/howto.html

amongst others for example

Thats the one, along with whatever I found on google.

When it tells me to do stuff like copy the config (since /etc/openvpn is empty by default for whatever reason) the paths they say are wrong, the files they refer to are wrong or don't exist, or they don't even say filenames at all. Like "edit this line" ok this line in what file?

There's lot of missing "links" that are not explained in the documentation.

Such things vary between distros, installation method, etc, so unless you find a howto for your distro, you are likely to have these issues for any solution (and that will be the case if you purchase a book on the subject).

Good luck.

Well that's not good. how should I go about doing this then? I can't just guess. Is there by chance a vmware 2.0 appliance already setup I can just download?

If it matters I'm using fedora core 9 for the vpn server but that can easily be changed if you think another distro may work better.

Distro coders seriously need to get together and agree to standards though, it's not right that stuff is not the same accross all distros, when it comes to installing/configuring stuff.

OpenVPN Free Online Edition
http://openvpnbook.packtpub.com/

_

VPN, unfortunately, can turn into quite the can of worms.

I still have quite a few scorch-marks on my tailpipe from trying to get any one of several VPN implementations to work properly. It is not always as easy as it sounds.

So... what did I finally do? Hardware! It turns out that the router we were using had VPN capability built-in, and we could set up a secure tunnel between the two installations using that. Worked great. None of the computers on either side had to do anything special... they saw the computers "on the other side of the tunnel" as being "local." (Sweet!)

Pretty much any router that you buy these days at an electronics store is quite likely to have some degree of VPN capability built-in. It might well be all you need.

Did you install openvpn using yum or from source? Whe nI'v installed in in CentOS (pretty much the same as Fedora), things end up in pretty much the right place (/etc/openvpn for example).

I did with yum. The main issue is when I do install it lot of stuff is missing such as /etc/openvpn, being empty. So when I follow any type of documentation and it tells me to do stuff, I have nowhere to go to actually do that as my directory is empty.

I've thought of going the router route as well, though I like the idea of a server acting as vpn server since I can fine tweak what can be accessed by adding outgoing firewall rules at the server, that and I can close the port externally and only make it work through a ssh tunnel for the double authentication factor and double encryption. I don't really trust the vpn on cheap routers, or is it actually half decent? the main thing I need is some form of brute force protection, or someone can sit there for years and eventually guess the password without me knowing.

Please don't take this the wrong way, but I think the problem is you want to follow instructions, but haven't followed them carefully enough.

I just dropped openvpn onto a F9 box, and as you rightly point out, /etc/openvpn is empty. So I started at the top of the howto:

and

On my box I have
So the rsa stuff is not exactly where the howto points - it's still for 2.0 I note, but easy enough to find (if you are ever looking for a file, try "locate easy-rsa" - if it's a new file, run "updagedb" first).

So if you want to give it another go, copy these across and see how you gow.

openvpn works well once it's going.

Even after copying that folder lot of stuff is missing. for example, there is no "vars" file. I'm using this tutorial: http://www.thebakershome.net/openvpn_tutorial

Lot of other stuff I can't find either. is there a premade vmware appliance I can just download? This just seems way too complicated for nothing. I've coded many programs before and I always make sure that it works out of the box, you just have to turn it on, and boom, it works. None of this BS of copying files all over the place.

If I knew more about network coding at the lower level I'd just make my own vpn server/client