| Forum Home | ||||
| PC World Chat | ||||
| Thread ID: 72932 | 2006-10-01 09:28:00 | VPN Gateway Distro | Erayd (23) | PC World Chat |
| Post ID | Timestamp | Content | User | ||
| 488449 | 2006-10-01 09:28:00 | Hi, I'm looking for a linux / BSD distro to use as an IPSEC VPN gateway, but I'm having a hard time finding one that'll do what I want. I do not want to replace my existing router (m0n0wall (m0n0.ch)); what I am after is a distro that can run with a single ethernet card and just plug into my LAN (i.e. a standalone VPN concentrator), and have IPSEC traffic mapped to it. It also must be able to use DNS hostnames (rather than IP addresses) as the endpoints for the IPSEC tunnel. It would also be nice if it was an embedded distro (i.e. runs from RAM, HDD/CF only needed to boot), but that's not strictly necessary - I'm having such trouble finding what I want that I'll take just about anything that works. A web (http) config would be nice too, but again not essential. Any ideas guys? I've been trawling the web for a few hours, but I haven't been able to find anything so far :( Cheers, Bletch |
Erayd (23) | ||
| 488450 | 2006-10-01 10:41:00 | You don't need a separate distro for every function. Simply take a standard server distro such as CentOS, install only a minimal system, then add OpenS/WAN. Open the right port in the firewall, forward IPSec traffic from the router, mock up a basic configuration and you're up and running. You're unlikely to find a web configuration tool for this and running from RAM depends on your base distro but I'm sure you'll find something that works. |
TGoddard (7263) | ||
| 488451 | 2006-10-01 11:42:00 | Thanks TGoddard, but was hoping for a compact embedded solution I could put on a CF card. I can do the standard distro thing if I need to, but if that was the case I'd be running it on VMWare server rather than a separate machine - I'd rather not use the power needed to run another PC 24/7. I know I don't *need* a separate distro for every function (and I don't) but I really don't want this thing on either of my main servers - I'd rather it was a separate machine. I don't care about the webconfig side - if I decide I need one I can write one. Just noticed I put this in the wrong forum. Could one of the mods move it? Thanks. |
Erayd (23) | ||
| 1 | |||||