[ previous ] [ next ] [ threads ]
 
 From:  "Mr. listman" <savethelist at hotmail dot com>
 To:  xawiers at undine dot lt, m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] VPN
 Date:  Sat, 27 Nov 2004 16:14:23 +0100
My experience, with m0n0wall,
one hell of a program, but with the VPN it's not to flexible,

if u choose IPSEC, it works perferct with fix ip's, but it don't allow u to 
use a FQDN for the connection to the dynamic ip, which is not so nice, if u 
decides to us a service like noip.com or dyndns, m0n0wall supports dynamic 
DNS for  the keeping the WAN alive, but for the VPN, it's not to flexible.

I have experience with openvpn, but it seems the version in m0n0wall, is not 
  yet up to perfection, it would be nice, if the betaversion of openvpn, can 
import existing openvpn configuration files, would make it very simple and 
easy,


All i can see, is look in the DOCS, Peter Curan (i think) has a document on 
using OPENVPN, but base on what i read in the threads, openvpn is yet not so 
up to perfection, i would be glad if it works good, i'm a vivid fan of 
OPENVPN using it with LEAF Bearing, never had a problem with it, if the link 
breaks, it neatlly bring it back up.....


what i can advise is give both options a try, and see which one fits your 
needs best, was trying the openvpen, but it seems, that u MUST use 
certificates, cause when i tried it without, it started complaining, and 
seeing that in my vpn's i used pre-shared keys, i didn't bother to play with 
it, i test the IPSEC, base on the documentation, and it worked in one TRY, 
so i stuck with it, only think, is i have to constantly keep my eyes on the 
dynamic IP, in the event that it changes.

I waiting to see, if probably if the link breaks, the link where the DYNAMIC 
ip is, will initiate the call back to the FIX ip, and keep my link up, i 
haven't tested it, but just hoping it does, and don't fail me,.

Do hope, Manual can fix it to use FQDN to connect (don't know if this is and 
m0n0wall issue, or IPSEC) do hope it can be fix..i'll be one happy man.


regards


>From: "Xawiers" <xawiers at undine dot lt>
>To: m0n0wall at lists dot m0n0 dot ch
>Subject: [m0n0wall] VPN
>Date: Sat, 27 Nov 2004 13:36:30 +0200 (EET)
>
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>Hello to all
>I'd like to know Your oppinion about setting up vpn.
>What best choise (for security and speed) would be to set up VPN between 2
>ponts
>in first case both endpoints have fixed IP address
>in second - on of them - dynamic.
>Is IPSEC or OpenVPN or other solution best ?
>I have 1.2b2 m0n0wall at home for testing.
>__________________________
>Xawiers
>
>
>
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.2.6 (FreeBSD)
>
>iD8DBQFBqGa+qIz0qsSkSHURAifUAJ4+qcoiZCGki6v1wrDMUFaBjS/QUwCeOm7w
>9GEATD6QF2Qzmk0V6HKLcwk=
>=pLPy
>-----END PGP SIGNATURE-----
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>

_________________________________________________________________
Play online games with your friends with MSN Messenger 
http://messenger.msn.nl/