[H-GEN] Request for help with smoothwall firewall
Ronald Bradford
humbug at myvirtualemail.biz
Thu Sep 22 19:58:27 EDT 2005
Christopher,
Thanks for you feedback. I'll post a response to the list when I've got
it all working in our environment.
Regards
Ronald :)
Christopher LeMoyne wrote:
> [ Humbug *General* list - semi-serious discussions about Humbug and ]
> [ Unix-related topics. Posts from non-subscribed addresses will vanish. ]
>
> Ronald Bradford wrote:
>
>> However two things remain, VPN & VNC access. I've been unsuccessful
>> in doing testing of VPN access from a Windoze machine (which all
>> staff use).
>> While there is a certain amount of accessible documentation, it's a
>> lot to wade through and consensus is VPN is complicated, and with
>> Microsoft not supporting IPsec very difficult hence my request for
>> anybody that could give some valuable assistance first hand.
>
>
>
> Hi Ronald,
>
> Firstly, Microsoft Windows does support IPSEC firewalls. PPTP is
> their primary focus, but they do support IPSEC (out-of-the-box on 2k
> and XP). I know, because it's a big part of exam 70-218 (requirement
> for the MCSA) which I passed a few months ago. IPSEC, unfortunately,
> is quite complicated to setup, no matter what platform you choose. It
> is best implemented at larger companies that can readily setup the
> infrastructure needed. Some resources for IPSEC on Windows:
> http://labmice.techtarget.com/networking/ipsec.htm
>
> Secondly, you may want to consider another firewall technology
> altogether. I have setup a number of OpenVPN tunnels to friend's
> machines & LAN's, using both Linux and Windows. OpenVPN is
> OpenSource, comes with a Windows installer and Linux binaries/source,
> is quite simple to implement (especially suitable for SME), and comes
> with some excellent howto's and other doco:
> http://openvpn.net/
>
> Thirdly, for VNC, I thoroughly recommend UltraVNC (also OpenSource).
> Although it is Windows-only, it is backwards-compatible with other VNC
> versions (depending on what authentication methods you select, if you
> choose MS-Logon I or MS-Logon II, it is then UltraVNC only, though it
> has an embedded JavaViewer for other platforms to use). It has some
> excellent features, such as requesting user permission to shadow, and
> defaulting to accept or reject with a timeout, and quite a few others
> that make it very suitable for business use. Refer to Anthony Irwin's
> post for how to forward different ports to each machine inside the
> LAN. You could either change the port on each machine via UltraVNC's
> settings panel, or rewrite the port number with your firewall rules.
> http://ultravnc.sourceforge.net/
>
> Good luck.
>
> Regards,
> Christopher
>
> _______________________________________________
> General mailing list
> General at lists.humbug.org.au
> http://lists.humbug.org.au/cgi-bin/mailman/listinfo/general
>
>
More information about the General
mailing list