vpn through linux gateway

hello,

I am currently running debian3.0 with ipchains2.2 style.

I would like to add functionality to be able to vpn through this linux
gateway from a windows laptop client. I am looking into transitioning
to iptables based NAT/Masquerade/firewall. I understand that I will
also need ipsec.

Anything else I need? I will be reading up on this prior to attempting
to do anything with it. Though I've been using linux for nearly 3
years, now, I have only been able to follow directions, but not really
know what I'm doing. For though most part, I'm able to get things to work.
The ipchains firewall script from www.aboutdebian.com has served me well
- but now I want to be able to vpn through my firewall.

any suggestions greatly appreciated.
-jd

John Doe wrote:

> hello,
>
> I am currently running debian3.0 with ipchains2.2 style.
>
> I would like to add functionality to be able to vpn through this linux
> gateway from a windows laptop client. I am looking into transitioning
> to iptables based NAT/Masquerade/firewall. I understand that I will
> also need ipsec.
>
> Anything else I need? I will be reading up on this prior to attempting
> to do anything with it. Though I've been using linux for nearly 3
> years, now, I have only been able to follow directions, but not really
> know what I'm doing. For though most part, I'm able to get things to
> work. The ipchains firewall script from www.aboutdebian.com has served me
> well - but now I want to be able to vpn through my firewall.
>
> any suggestions greatly appreciated.
> -jd

You might want to try CIPE. It comes with some distros and a Windows
version is available. I use it between my Linux notebook and firewall.


--

Fundamentalism is fundamentally wrong.

To reply to this message, replace everything to the left of "@" with
james.knott.

John Doe <(E-Mail Removed)> wrote:

> I am currently running debian3.0 with ipchains2.2 style.
>
> I would like to add functionality to be able to vpn through this linux
> gateway from a windows laptop client. I am looking into transitioning
> to iptables based NAT/Masquerade/firewall. I understand that I will
> also need ipsec.

If you pass IPsec through the Linux gateway, then you don't need
IPsec on the Linux box. Only as a side note: There are also other
VPN technologies available like PPTP, OpenVPN, CIPE, ...

You can find some general information about VPNs and how they can
be deployed in
http://www.buildinglinuxvpns.net/chapter2.pdf


> Anything else I need? I will be reading up on this prior to attempting
> to do anything with it.

Start reading with:
http://www.impsec.org/linux/masquera...asquerade.html
http://www.impsec.org/linux/masquerade/ip_masq_vpn.html

For getting started with iptables you should read
http://iptables-tutorial.frozentux.n...-tutorial.html


Ciao, Horst
--
»When pings go wrong (It hurts me too)« E.Clapton/E.James/P.Tscharn

In article <bovufm$2ug4$(E-Mail Removed)>, Horst Knobloch wrote:
> John Doe <(E-Mail Removed)> wrote:
>
>> I am currently running debian3.0 with ipchains2.2 style.
>>
>> I would like to add functionality to be able to vpn through this linux
>> gateway from a windows laptop client. I am looking into transitioning
>> to iptables based NAT/Masquerade/firewall. I understand that I will
>> also need ipsec.
>
> If you pass IPsec through the Linux gateway, then you don't need
> IPsec on the Linux box. Only as a side note: There are also other
> VPN technologies available like PPTP, OpenVPN, CIPE, ...
>
> You can find some general information about VPNs and how they can
> be deployed in
> http://www.buildinglinuxvpns.net/chapter2.pdf
>
>
>> Anything else I need? I will be reading up on this prior to attempting
>> to do anything with it.
>
> Start reading with:
> http://www.impsec.org/linux/masquera...asquerade.html
> http://www.impsec.org/linux/masquerade/ip_masq_vpn.html
>
> For getting started with iptables you should read
> http://iptables-tutorial.frozentux.n...-tutorial.html
>
>
> Ciao, Horst

Thanks so much for pointing me in the right direction. I googled ipsec,
vpn and iptables... but all separately. The VPN-Masquerade was the key
document. Proud to say that I am now successfully converted from
ipchains to iptables AND vpn'ing through the firewall. Now to go back
and understand what I did!

-jd

John Doe <(E-Mail Removed)> wrote:

> In article <bovufm$2ug4$(E-Mail Removed)>, Horst Knobloch wrote:
>> John Doe <(E-Mail Removed)> wrote:

[VPN & iptables documents]
> Thanks so much for pointing me in the right direction.

You are welcome.

> The VPN-Masquerade was the key
> document. Proud to say that I am now successfully converted from
> ipchains to iptables AND vpn'ing through the firewall.

Congratulations. :-)

> Now to go back
> and understand what I did!

Jupp, this is a very good idea. Hopefully, everything is
still secure. ;-)


Ciao, Horst
--
»When pings go wrong (It hurts me too)« E.Clapton/E.James/P.Tscharn