LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 05-04-2006, 01:23 AM   #1
dylan912
LQ Newbie
 
Registered: Dec 2004
Distribution: Redhat
Posts: 18

Rep: Reputation: 0
Finding a Linux VPN alike solution


I hope this is the right place for my inquiry.

I need to find a solution where we can login to a corporate network from different network and use our internal servers. Let say – I have a mail server running on my network. And I need my people to access this server from somewhere another country. They will dial-in to local ISP and running VPN or something alike software and use email client like MS outlook without changing any settings (my server’s bogus ip settings).

Does anyone know something alike this? Please advice.

Thanks and regards

- Hirantha
 
Old 05-04-2006, 10:12 AM   #2
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,635
Blog Entries: 4

Rep: Reputation: 3931Reputation: 3931Reputation: 3931Reputation: 3931Reputation: 3931Reputation: 3931Reputation: 3931Reputation: 3931Reputation: 3931Reputation: 3931Reputation: 3931
Okay... you say that you are running a mail-server somewhere, and you want selected people from other countries to be able to connect to it.

Linux supports various VPN (Virtual Private Networking) systems. Some of these (like openvpn) actually use a non-standard protocol but systems like "ipsec-tools" are standard.

[Note that you can also in some cases use a hardware router that has adequate VPN-support built in. You can use such a device on either end, or both.]

With this, the clients can establish a VPN "tunnel" from their network to yours. Now, the server (in your demilitarized-zone) that's running your mail-server has an IP-address on "their" network, and all of the communications betwxit them will be encrypted. You also know that only your authorized users, who are able to pass through VPN's security, can see the machine.

Once the VPN tunnel is established, any sort of communications (that you allow) can pass through it. Any number of users on their end (should you so allow it) can use the same tunnel.

The client-side software that they use will be standard. If you elect to use a VPN-enabled router on their network, their router can handle all of the negotiation and handshaking with your Linux box, so that there's absolutely no special software required on their machines. Windows does support VPN, but of course now that's more work for you, setting each client up individually.

When setting this up, buy for yourself the exact model of router that they're using; or buy one and ship it to them. Troubleshooting a VPN connection when "they're asleep while you're awake and vice-versa" is no fun.
 
Old 05-04-2006, 10:17 AM   #3
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,635
Blog Entries: 4

Rep: Reputation: 3931Reputation: 3931Reputation: 3931Reputation: 3931Reputation: 3931Reputation: 3931Reputation: 3931Reputation: 3931Reputation: 3931Reputation: 3931Reputation: 3931
One more thing... use digital certificates, not PSKs, and also (especially) don't use XAUTH. Not all Linux clients support XAUTH.

Digital certificates of the type required by VPN are very easy to set up (at no cost...) and they are extremely secure; more secure than any other option. You issue the certificate to the user(s) or the router that you wish to allow to communicate with you, and they do the same. By presenting these "unique, un-forgeable security badges" to each other at the start of the communication, they instantly establish their identities.

Certificates, furthermore, can be individually reissued or revoked at any time.
 
Old 05-05-2006, 01:08 AM   #4
dylan912
LQ Newbie
 
Registered: Dec 2004
Distribution: Redhat
Posts: 18

Original Poster
Rep: Reputation: 0
Hi sundialsvcs

Thank you for your comprehensive mail on VPN. But my requirement is slightly deferent from standards.

OK, I'm running my mail server locally. My all employees work with Thunderbird and Outlook client applications on their laptops and established connection with mail server. When they (employees) going abroad for official matters, they wanted to use same Thunderbird and outlook clients on their laptops and need to connect to my mail server. All they do is "Dial-in" to foreign country's Local ISP and establish the Internet connection. Then they will use "Microsoft or what ever the software" and establish the VPN with my network. So they have access to my mail server with out changing POP3, IMAP and MSTP setting on the client.

So my question is what remedy that I use for " Microsoft or what ever the software".

There is no "Their" network to configure with my VPN. They all use dialup to establish the Internet, so I can't establish IP network in my mail server.

I'm total depending on Linux but not with hardware VPN though I know some hardware does this.

Please advice to achieve this using Linux box and Microsoft client software running on laptops.

Thanks and regards

- Hirantha
 
Old 05-22-2006, 11:22 AM   #5
dylan912
LQ Newbie
 
Registered: Dec 2004
Distribution: Redhat
Posts: 18

Original Poster
Rep: Reputation: 0
OK.. I found the client part! I plan to use Cisco VPN Dialer. So all I have to find is the way to communicate with Linux VPN server. So how do I make this happen? Users will dial-in to local ISP then connect to my Linux VPN over the Internet using Cisco VPN Dialer

How do I configure my Linux box as a VPN sever which is listing for VPN Dialer.

Please advice.. If this is not the best place to look, put me on the right forum.

Thanks in advance

- Hirantha
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Looking for VPN Solution dleidlein Linux - Networking 1 05-02-2006 09:49 AM
Help with VPN netwoking solution for Stompbox otisthegbs Linux - Networking 2 03-18-2006 04:56 PM
ppp, and or vpn routing solution scheidel21 Linux - Networking 5 01-31-2004 11:10 AM
wireless concerns: is a VPN the solution? yocompia Linux - Security 5 09-16-2003 01:43 PM
Good VPN solution tarballedtux Linux - Security 1 11-01-2002 08:45 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 06:46 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration