FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 02-06-2010, 04:09 PM
Matteo Riva
 
Default Connect to Watchguard VPN

Hello, this is the first time I have to use a VPN so I need basic
information on how to do it. I need to connect to a Watchguard VPN but
the admin only sent me details for windows so I'm kinda clueless.

What packages should I use? What specific details should I ask the
admin? I already asked for specific instructions but it could take time
and I'd like to speed things up a little if I can, and learn something
in the process too.

Thanks.


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-06-2010, 08:03 PM
Joe
 
Default Connect to Watchguard VPN

Matteo Riva wrote:

Hello, this is the first time I have to use a VPN so I need basic
information on how to do it. I need to connect to a Watchguard VPN but
the admin only sent me details for windows so I'm kinda clueless.

What packages should I use? What specific details should I ask the
admin? I already asked for specific instructions but it could take time
and I'd like to speed things up a little if I can, and learn something
in the process too.



The most important thing you need to know is which type of VPN it is.
The Microsoft world uses three main types: PPTP, L2TP and IPSec. The
first two are proprietary Microsoft protocols, but are well enough
understood that they are de-facto standards. IPSec is an old standard
and is very widely used for site-to-site VPNs, normally between
perimeter firewalls or routers. IPSec uses the IP addresses of the
endpoints for the encryption process, and so doesn't work by itself
through NAT. There are various bodges to help matters, but IPSec is only
really appropriate between routable IP addresses, not to or from
machines behind NAT.


Since the Watchguard device is probably a perimeter firewall, it could
well use any of these protocols, or OpenVPN. If you've been given
Windows instructions, that suggests the VPN client will normally be a
workstation, so probably PPTP, or just possibly L2TP. There is a PPTP
client, pptp-linux, and at least one GUI wrapper for it. The most basic
encryption for PPTP is MPPE, a Microsoft protocol, but included in
kernels since early 2.4, I think. Quite exotic encryption and
authentication is possible even with PPTP, but rarely used as it is a
bit of a pig to get working. The default XP VPN client is PPTP, and the
default settings are usually used. If it is PPTP, and you have egress
filtering on your workstation or network, you need to pass TCP port 1723
and *IP protocol*, not port, 47.


I can't be of much more help, as it is some time since I used VPN much,
and then it was to connect to Windows servers.


--
Joe


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-07-2010, 05:56 AM
Stan Hoeppner
 
Default Connect to Watchguard VPN

Matteo Riva put forth on 2/6/2010 11:09 AM:
> Hello, this is the first time I have to use a VPN so I need basic
> information on how to do it. I need to connect to a Watchguard VPN but
> the admin only sent me details for windows so I'm kinda clueless.
>
> What packages should I use? What specific details should I ask the
> admin? I already asked for specific instructions but it could take time
> and I'd like to speed things up a little if I can, and learn something
> in the process too.

http://watchguard.custhelp.com/cgi-bin/watchguard.cfg/php/enduser/std_adp.php?p_faqid=2693&p_created=1261693823&p_si d=6LxEzWTj&p_accessibility=0&p_redirect=&p_lva=&p_ sp=cF9zcmNoPTEmcF9zb3J0X2J5PSZwX2dyaWRzb3J0PSZwX3J vd19jbnQ9MTksMTkmcF9wcm9kcz0wJnBfY2F0cz0mcF9wdj0mc F9jdj0mcF9wYWdlPTEmcF9zZWFyY2hfdGV4dD1saW51eA**&p_ li=&p_topview=1

when line wrap and size matter:
http://tinyurl.com/yfsblm7

The information you will find there is not a complete solution. It should,
however, provide you with serious background information which should be helpful
in coordinating with your admin to get the VPN setup correctly on both ends.
Looks like you'll probably end up using SSL for the VPN tunnel encryption.

--
Stan


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 11:43 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org