[Cialug] VPN for a client

Jeff Davis jeff at dynamictelecard.com
Wed Jan 18 08:54:45 CST 2006 

Sounds like m0n0wall would be a decent fit for a VPN box.
Its FreeBSD based but has a gui so you don't even need
any command line experience to operate it.
http://m0n0.ch/wall/

You put it on your network and the remote users VPN into
it and can then (for the most part) use network resources
just as if they were plugged into the LAN.

All you need an old box with a few NICs in it, a CD rom and a floppy drive.
You just put the m0n0wall cd in and a floppy and boot it up.
The first time you'll have to set up the NICs (i.e. which is LAN and WAN)
and set up the PPTP VPN users.  (i.e. give them a username and password)
and a few other pretty basic things (hostname, IP, etc.)

All the config stuff is stored on the floppy, so if you have a hardware
failure pretty much any old box will do.  Upgrading is as simple as
burning the new ISO from the m0n0wall site, putting the cd in the drive
and rebooting the box.

For the client end, you can set up a PPTP VPN shortcut on the windows
machine with no extra hardware/software required.

(Cable and DSL users will need to make sure
 their modem/router is set to do VPN pass-thru.)

Oh...and m0n0wall is free.

Some other options you might consider are Astaro Security Linux which
is free to home users (might want to ask about non-profit use) and SmoothWall.

http://www.astaro.com/
http://www.smoothwall.org/

-Jeff


Stuart Thiessen wrote:
> Hi! I have never dealt with a VPN before, but I have two situations with
> deaf non-profits that have a lot of remote board members and could
> benefit from having some centralized stores of information. I think that
> they could benefit from a VPN type scenario.
> 
> In both cases, I am dealing with several individuals (Windows users, of
> course) whose knowledge of computing is limited to very general purpose
> situations (wordprocessing, email, etc.) Some, however, are quite savvy,
> but I want to make sure the less savvy individuals have access. My goal
> would be to figure out a way to set up the VPN with the least amount of
> finangling and equipment on their side but still allow them to access
> information on a server as if it were in their local network. I'm
> thinking about shared database access and shared organizational
> electronic files as being key benefits for them. They can continue to
> use their Windows parlance to share information, but they can save the
> $$ by doing it with Linux.
> 
> I could do things web-based, but with all the security stuff going on,
> I'd like to reduce the exposure as much as possible for their access to
> their private organizational files. Nearly all of them have DSL or Cable
> High Speed Access. Only a few have dialup.
> 
> I have done some reading on the web about this, but I always like to
> discuss with people who have experience with this. If you'd be willing
> to share some of that, I'd appreciate it.
> 
> On the other hand, if you have some alternative ideas, I'd like to hear
> it.  Moving them all to Linux (while a great idea) is probably not on
> the achievable list (though I did manage to convince one board member to
> give it a try and gave him a copy of Knoppix.)
> 
> Thanks,
> 
> Stuart

_______________________________________________
Cialug mailing list
Cialug at cialug.org
http://cialug.org/mailman/listinfo/cialug

More information about the Cialug mailing list