[opensuse] creating a tunnel between to networks
Hello, Locally I have several Suse boxes and a remote server running Redhat Enterprise. I'd like to setup an IP tunnel to connect my network to the remote server. Any suggestion on the best way to do this? Thank you in advance, James -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
James D. Parra wrote:
Hello,
Locally I have several Suse boxes and a remote server running Redhat Enterprise. I'd like to setup an IP tunnel to connect my network to the remote server. Any suggestion on the best way to do this?
Thank you in advance,
James
OpenVPN works well. -- Use OpenOffice.org <http://www.openoffice.org> -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thu, Apr 23, 2009 at 4:51 AM, James Knott <james.knott@rogers.com> wrote:
James D. Parra wrote:
Hello,
Locally I have several Suse boxes and a remote server running Redhat Enterprise. I'd like to setup an IP tunnel to connect my network to the remote server. Any suggestion on the best way to do this?
Thank you in advance,
James
OpenVPN works well.
Or with iproute2 and iptables. Take a look at chapter 3 of lartc [0] [0] http://lartc.org/ regards, medwinz -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
medwinz wrote:
On Thu, Apr 23, 2009 at 4:51 AM, James Knott <james.knott@rogers.com> wrote:
James D. Parra wrote:
Hello,
Locally I have several Suse boxes and a remote server running Redhat Enterprise. I'd like to setup an IP tunnel to connect my network to the remote server. Any suggestion on the best way to do this?
Thank you in advance,
James
OpenVPN works well.
Or with iproute2 and iptables. Take a look at chapter 3 of lartc [0]
regards, medwinz
I believe OpenVPN already uses that, via a TUN interface. Also, if the tunnel is to go over the public internet, encryption may be desirable. I have used OpenVPN, both Linux to Linux and Windows to Linux and has both routing and bridge modes. It's easy to set up and works well. Since it stuffs the tunnel traffic into UDP packets, it can carry just about anything. Here's what Yast2 Software Management has to say about it: "openvpn - Full-featured SSL VPN solution using a TUN/TAP Interface OpenVPN is a full-featured SSL VPN solution which can accomodate a wide range of configurations, including remote access, site-to-site VPNs, WiFi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. OpenVPN implements OSI layer 2 or 3 secure network extension using the industry standard SSL/TLS protocol, supports flexible client authentication methods based on certificates, smart cards, and/or 2-factor authentication, and allows user or group-specific access control policies using firewall rules applied to the VPN virtual interface. OpenVPN runs on: Linux, Windows 2000/XP and higher, OpenBSD, FreeBSD, NetBSD, Mac OS X, and Solaris. OpenVPN is not a web application proxy and does not operate through a web browser." -- Use OpenOffice.org <http://www.openoffice.org> -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
James D. Parra wrote:
Hello,
Locally I have several Suse boxes and a remote server running Redhat Enterprise. I'd like to setup an IP tunnel to connect my network to the remote server. Any suggestion on the best way to do this?
Like James Knott already suggested openVPN is good, but it might be a little much for just one external server. Take a look at ssh tunnelling too. /Per -- Per Jessen, Zürich (9.2°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, 2009-04-22 at 14:41 -0700, James D. Parra wrote:
Hello,
Locally I have several Suse boxes and a remote server running Redhat Enterprise. I'd like to setup an IP tunnel to connect my network to the remote server. Any suggestion on the best way to do this?
I think you have three options: 1) ipsec-tunnel 2) openvpn, tun,tap 3) ssh-tunnel, tun (listed in harder to easier order) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, 2009-04-22 at 14:41 -0700, James D. Parra wrote:
Hello,
Locally I have several Suse boxes and a remote server running Redhat Enterprise. I'd like to setup an IP tunnel to connect my network to the remote server. Any suggestions on the best way to do this?
I think you have three options: 1) ipsec-tunnel 2) openvpn, tun,tap 3) ssh-tunnel, tun ~~~~~~~~~~~~~~~~~~~~~~ Thank you, Hans. I was looking into vtun, but was hoping that ssh-tunnel would work. Could I route traffic between two networks connected by an ssh tunnel? If so, could you point me to some howto's so I could set this up. Again, many thanks. James -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thu, 2009-04-23 at 11:43 -0700, James D. Parra wrote:
On Wed, 2009-04-22 at 14:41 -0700, James D. Parra wrote:
Hello,
Locally I have several Suse boxes and a remote server running Redhat Enterprise. I'd like to setup an IP tunnel to connect my network to the remote server. Any suggestions on the best way to do this?
I think you have three options: 1) ipsec-tunnel 2) openvpn, tun,tap 3) ssh-tunnel, tun
~~~~~~~~~~~~~~~~~~~~~~
Thank you, Hans.
I was looking into vtun, but was hoping that ssh-tunnel would work. Could I route traffic between two networks connected by an ssh tunnel? If so, could you point me to some howto's so I could set this up.
Again, many thanks.
James
Hi James, Have the details / scripts @ work But you can find most details in: http://www.debian-administration.org/articles/539 http://charles.karney.info/tunnel/index.html https://help.ubuntu.com/community/SSH_VPN http://blog.rot13.org/2009/04/simple_network_to_network_vpn_with_openssh_and... On a good network it works very nice... Note however, It an easy method using pre-shared-keys (in contrast with certificates) You might run into problems if applied over un unreliable network, like wifi. because it's doing a nested TPC layer ontop of another TCP layer. And if TCP is causing much re-transmissions you might end up in doing only re-transmissions ;-) In those situations openvpn (ip over udp) or ipsec (even less overhead openswan/strongswan) might be better. hw -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (5)
-
Hans Witvliet -
James D. Parra -
James Knott -
medwinz -
Per Jessen