[plug] CIPE / VPN

Brad Campbell brad at wasp.net.au
Tue Oct 21 16:33:09 WST 2003


Paul Arch wrote:
> Hi,
>  
>  has anyone had much experience with CIPE ( Crypto IP Encapsulation - 
> VPN ) .  I am setting up a connection from a Telstra GPRS modem ( 
> embedded linux server monitoring cooling towers) to a central data 
> server.  Can anyone suggest any experiences with encrypted tunnels over 
> the internet, notebly behind a NAT gateway.

Yep, and it works very, very well..
I have 2 remote tunnels to a single location.

The main point is running a Fortress Firewall, I have poked 2 holes in 
it doing udp masq to an internal linux box.
Both remote ends are behind ADSL/ISDN boxes that only do NAT.
The remote ends are set up as dynamic ip devices, and told the static ip 
of the main point. Works a treat..

The remote ends did not require any configuration of the NAT devices and 
no static ports or anything like that.

I'm not using PKCipe and only using static 128 bit keys.

Our partener in the office up here decided that my way was crappy and 
they were going to spend 1.5k on a Cisco PIX device. They have spent 2 
weeks trying to get it working and all they manage to do is lock up the 
adsl modem!! It now sits in a box under a desk.
Cipe worked first go and has been running flawlessly for 8 weeks now.



Brad

_______________________________________________
plug mailing list
plug at plug.linux.org.au
http://mail.plug.linux.org.au/cgi-bin/mailman/listinfo/plug


More information about the plug mailing list