[nycbug-talk] need help asap, will pay, ms vpn client

Mikel King mikel.king
Tue Mar 1 22:00:08 EST 2005 

Ok so your plan is to use a nailed vpn now? That is the best idea when a 
client software solution is complicated. Like Racoon, on MAC OS, most 
average endusers don't even know there is a command line under that 
gui...;-)



George Georgalis wrote:

>On Tue, Mar 01, 2005 at 09:38:02PM -0500, Jesse Callaway wrote:
>  
>
>>On Tue, Mar 01, 2005 at 08:45:28PM -0500, George Georgalis wrote:
>>    
>>
>>>On Tue, Mar 01, 2005 at 08:35:17PM -0500, marco at metm.org wrote:
>>>      
>>>
>>>>I hate fxxxing mixed OS vpn setups.  
>>>>All I can say is I've been there, more undocumented incompatible crap
>>>>than you can shake a stick at.  I would love for someone to prove me
>>>>wrong and that in fact I am the dummy who just did not understand.
>>>>        
>>>>
>>>which is a great segue,
>>>
>>>I'm thinking the problem has been client firewalls. And the solution is
>>>to replace them with linksys vpn firewalls
>>>
>>> client - linksys vpn - internet - vpn linksys - private lan
>>>
>>>which should leave the least room for error, easiest to setup and
>>>support. comments? "of course you idiot" variety welcome.
>>>
>>>// George
>>>
>>>      
>>>
>>of course, I thought you were talking about IPSEC enabled firewall/gateways. Yes. Once you do that the problem will be a non-issue. You just "do it" on the MS side, lordy lordy. Were you leaving the IPSEC ports completely open? Where did they forward to? What about NAT? Yeah, once you have these guys up facing the outside it should be no problem.
>>
>>
>>I've done it w/o problems when you have the VPN device sitting at the edge. Otherwise you will have to invest some time.
>>    
>>
>
>the vpn router is on the edge, but since the client has their own edge
>firewall, support for that and their system will be excessive. seems
>simpler to give them an edge vpn / firewall. then there is zero config
>on the client host, the remote network is joined by the edge devices,
>edge, edge, edge is the answer, I think, don't have an extra one yet.
>
>// George
>
>
>  
>

-- 
Cheers,
Mikel King
Optimized Computer Solutions, INC
39 West Fourteenth Street
Second Floor
New York, NY 10011
http://www.ocsny.com
t:212.727.2100x132

+------------------------------------------+
You may like them. You will see. You may
like them in a tree.
http://www.FreeBSD.org
http://www.OpenOffice.org
http://www.Mozilla.org
+------------------------------------------+
How do you spell cooperation? Pessimists use
each other, but optimists help each other.
Collaboration feeds your spirit, while
competition only stokes your ego. You'll
find the best way to get along.
+------------------------------------------+

-------------- next part --------------
A non-text attachment was scrubbed...
Name: mikel.king.vcf
Type: text/x-vcard
Size: 347 bytes
Desc: not available
Url : http://lists.nycbug.org/pipermail/talk/attachments/20050301/591db043/attachment.vcf

More information about the talk mailing list