From: Ken Bantoft (ken_at_freeswan.ca)
Date: Mon Nov 25 2002 - 22:33:30 CET
On Mon, 25 Nov 2002, Chris Malott wrote:
> Funny you should mention this. I'd be curious to know what approach people
> have taken to addressing this issue. Specifically pertaining to RW (and I do
> mean on the road, from location X) connections. Aside from small software
> based packet filtering firewalls on the client systems, what alternatives
> have you guys (the group) come up with.
>
> One obvious venue would be to encrypt and route all the packets through the
> primary SG, and deny all other traffic hitting the external interface of
> the RW. But, this sucks all sorts of bandwidth, and, I wonder how feasible
> this would be for dial-up (on the road) users.
That's what a lot of commercial vendors' products do - ie: Nortel's client,
by default, forwards all traffic over the IPSec/PPTP connection.
Managing a large number of road-warrior people with any sort of local
package can become a nightmare. I've heard of people using BlackICE,
Zone Alarm, Symantec and McAfee's software packages, but none of these are
free. These come with the additional cost of support - when a user calls to
complain they can't access/run <whatever> you have to walk them through
reconfiguring the product to allow them. And if they can disable it
themselves, they will.
--
Ken Bantoft The Unofficial FreeS/WAN Site:
ken_at_freeswan.ca http://www.freeswan.ca
PGP Key: finger ken_at_bantoft.org
"Random numbers should not be generated with a method
chosen at random." -- Donald Knuth,
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Tue Nov 26 2002 - 05:20:48 CET