Opinion: Best VPN to use with Fedora/Windows

Kevin Fries kevin at hcico.com
Sun Jan 9 23:31:51 UTC 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

OK, I know this type of question always has the danger of starting a
flame war, that is not my intention, so I ask ahead of time to keep
the rhetoric down.

I am beginning to think about installing VPN services.  Being that our
servers are all Fedora, this seems like a logical place to start my
quest for knowledge.  Our network is small, but my users are somewhat
mobile.  I have essentially two servers: the inside server; and the
outside server.  All our desktops, except my desktop, my laptop, and
the guest office kiosk, are Windows 2000.

When my guys go on the road, they sometimes need to get information
from the shares on either someone's desktop, or off a SAMBA share
hosted on the internal server.  Right now, they are using a FTP server
that essentially does a soft chroot into their home directories on the
public server, then I build symbolic links to mounted resources to
give them access to what they want.  This system works, but is not as
stable as I would like (stale NFS links, other machine problems, etc).

What I would like is to find a VPN solution that I can host on one of
my servers (internal and external are only indications of their
primary purpose, the internal server does have Internet access and is
used as a backup DNS and Postfix server) to allow my guys on the road
the ability to see the internal network resources.  This includes but
is not limited to the SMB shares and printers.  I would also like this
solution to have Linux and Mac equivalents.

All our account information is stored in an LDAP server, which is
retrieved via PAM and the PADL tools.  I am slowly reconfiguring my
software to take the information from the LDAP server directly, and
would like to limit my options to products that can be configured that
way.  Since I only store accounts in LDAP, it is not critical that all
settings be stored that way.  Postfix is a perfect example: config in
/etc/postfix but can pull valid users from LDAP.  I would also like to
enable or disable accounts with the use of a objectclass.  Users with
an objectclass of vpnUser for example can use the VPN, otherwise,
account not found.

Does anyone else have this Linux back end / Windows & Linux desktop
setup that is also providing VPN services?

What are you using?

What makes you do the happy dance about your solution?

What makes you curse like a sailor on shore leave about your solution?

Thanks in advance
Kevin Fries
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFB4b7niFq1Eo16+CgRAluiAJ4yZmJtJ0zhvPiQaWj+a/AlSuN5cACeJRqa
j0GTAfnxcfatESaAf2n4Iqs=
=Y/fj
-----END PGP SIGNATURE-----




More information about the fedora-list mailing list