[TriLUG] VPN questions
Jon Carnes
jonc at nc.rr.com
Tue Aug 12 20:24:31 EDT 2003
On Tue, 2003-08-12 at 19:59, zzd wrote:
> On Tuesday August 12 2003 06:02 pm, Jon Carnes wrote:
> > On the other side of the coin, I've been pushing folks to use Linksys
> > firewalls/routers which come built-in with IPSec capability. These
> > make it trivially easy to setup IPSec based vpn's from home to corp
> > or from corp to corp. The cost of the routers is less than $90.00 and
> > if someone is going to be opening up a backdoor into your network
> > (the vpn connection), they had better be running some sort of
> > firewall!
>
> Does this mean that it is also possible to set up a VPN between any two
> homes that have an internet connection and use the same Linksys
> routers, or do you need a static IP at one end?
>
Yes. The routers don't have to be the same though. You could hook a
Linksys router/firewall up to a Netscreen firewall or a Cisco router -
anything that can handle IPSec.
When hooking up two home units, both with dynamic IP Addresses, you'll
need at least one of them to use a Dynamic DNS provider, that way you
can setup the Linksys to do a look-up based on the fully-qualified
domain name (which would be the dynamic dns name for one of the
end-points). Dynamic DNS is fairly cheap these days, ranging from
$15/year to free.
Of course if one of the endpoints has a static IP Address, then you're
good to go!
BTW: the cheap (under $60) Linksys works fine as one of the IPSec
endpoints, but you'll need the other to be the more expensive one
(around $90). At least that is what I use, and it works fine.
Jon
More information about the TriLUG
mailing list