[TriLUG] VPN suggestions
Mark Fowle
mark at thefowles.com
Tue Oct 28 14:10:12 EST 2003
Does it need an external IP address - or can you open and forward a port
from the firewall to the VPN ?
On Tue, 2003-10-28 at 12:21, Jon Carnes wrote:
> On Tue, 2003-10-28 at 11:03, Joseph Tate wrote:
> > I've been asked several times by our VP of sales about setting up a VPN
> > so that he can access files on our winders fileserver behind our
> > firewall. Short of opening up ports 137-139, or using the Windows VPN
> > (Which may or may not be feasible since I don't control the subnet), are
> > there simple ways to accomplish this? I have a RH 7.3 system nearby,
> > and we could probably purchase a VPN appliance. Does this sound like a
> > job for WebDAV? Should I just setup ssh tunnelling for him?
> >
> > I'm attracted to the Linksys VPN devices because of their advertised no
> > client software and no client fees, but wonder if they work when already
> > behind a firewall. I can have ports opened for the device (if it has
> > its own IP) if necessary, but I'm not sure if I can open the entire port
> > range for the device. Ideas? Suggestions?
> >
> > Joseph
>
> An appliance is the way to go these days. They are cheap and very
> reliable. For the appliance to work properly you will have to install it
> in parallel to your existing firewall. The appliance also acts as a
> firewall so there is no security problems in doing so - however you do
> need an external IP address.
>
> My favorite solution for limited use - as you describe above - is to
> purchase two Linksys VPN routers (Linksys #BEFVP41) and set one up on
> your network and give the other one to your VP of Sales.
>
> The setup works great and you know that your VP is now running behind a
> firewall at home (while vpn-ed into your secure internal network). The
> cost would also be under $200. The BEFVP41 can handle up to 10 remote
> connections (under normal use), so you can setup 9 other folks with
> home/travel Linksys routers as well and have them all use the one
> BEFVP41 that you put up on your network.
>
> Linksys also has a new VPN wireless router (just what you asked for
> Michael!), so if your VP is used to going wireless you can still
> accommodate him.
>
> There are a *lot* of other alternatives, but none that work as well or
> as cheaply (unless you've got time to burn and a few spare PC's).
>
> Take care - Jon Carnes
--
Mark Fowle
mark at thefowles.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://www.trilug.org/pipermail/trilug/attachments/20031028/796f45a7/attachment.pgp>
More information about the TriLUG
mailing list