Re: OpenVPN [was: IPSec VPN docs]
by Brian Johnson
I was playing with this to try to set up some vpns
I would like my laptop to automagically create a VPN to work when I'm at home
and to my home server when I'm at work
I was trying to use the xinetd files and the home and office sample configs.
Is there something that would prevent my from using the sample files on the
same LAN? I was trying to create a VPN from 192.168.2.2 (using the office
sample) to my laptop at 192.168.2.192 (using the home sample)
Do the defaults in the sample scripts need to be uncommented or are they
internal program defaults?
Florin Andrei (florin(a)andrei.myip.org) wrote:
>
> On Fri, 2004-03-26 at 11:24, Mark Haney wrote:
> > Hey thanks for that. I might try that if the DLINK people can't give me
> > what I need. I found a FreeSWAN doc about setting up an IPSec VPN from a
> > DLINK firewall but it was in Russian, and since my Russian is rusty
> > (*cough, non existant, cough*), it really hasn't helped much. If FreeSWAN
> > doesn't jive, I'll try that with the DLINK.
>
> Just remember, OpenVPN is not based on IPSec and it cannot interoperate
> with IPSec-based VPN devices.
> I'm not sure what your DLINK thing is, but if it's some kind of VPN
> server appliance, and it's based on IPSec, an OpenVPN client will not be
> able to connect to it; so, you cannot try OpenVPN "with the DLINK".
>
> What you can do, though, is to install a Linux box and configure it as
> an OpenVPN server. Quite a few people are actually using their Linux
> firewalls as OpenVPN servers - maybe not the absolute best idea from a
> technical p.o.v., but it's cheap and simple (it's the situation
> described in the howto on fedoranews.org).
>
> Good luck,
>
> > On 26 Mar 2004 11:06:25 -0800, Florin Andrei <florin(a)andrei.myip.org>
> > wrote:
> >
> > > On Sun, 2004-03-21 at 12:07, Mark Haney wrote:
> > >> I'm trying to get a VPN setup between my FC1 box at home and a DLink
> > >> DFL300 at my office so I can do some things securely without having to
> > >> make the 30 minute drive in to work to fix stuff. I've googled the
> > >> subject and the amount of documentation is pretty immense. Can someone
> > >> give me a shortened version what I need to configure or point me to a
> > >> good
> > >> step by step doc on how to do it?
> > >
> > > Well, if IPSec is not a specific requirement, and if you actually could
> > > use any VPN solution that's simple to install, secure and feature-rich,
> > > have a look at OpenVPN:
> > >
> > > http://openvpn.sourceforge.net/
> > >
> > > A brief "cookbook recipe" HOWTO:
> > >
> > > http://fedoranews.org/contributors/florin_andrei/openvpn/
> > >
> > > IPSec VPN (like FreeS/WAN) is nice because it's compatible with all
> > > kinds of VPN devices and software.
> > > However, it can be a pain to install, even more so if you're using
> > > Windows clients (but Linux is not a lot simpler, especially if you have
> > > non-geek users). Also, it is very, very picky if there are firewalls in
> > > between, especially if you go through NAT.
> > >
> > > OpenVPN is very simple to install, it does not require weird kernel
> > > patches, it is firewall-friendly, works just fine with Windows (and
> > > Solaris, and BSD), can tunnel through proxies, etc.
> > >
> > > It is not a typical "SSL VPN" - i mean, it is not a browser-based VPN,
> > > even though it's using SSL to encrypt the tunnel. Think of it as exactly
> > > the same thing as FreeS/WAN except it's using SSL instead of IPSec;
> > > otherwise, it can route arbitrary IP protocols, it does not require a
> > > browser, etc.
> > > Just like FreeS/WAN, but without the pain.
> > >
> >
> >
> >
> > --
> > Estne volumen in toga, an solum tibi libet me videre?
> >
> > Mark Haney
> > Development, Systems and Network Administration
> > DoctorDirectory.com
> > http://www.doctordirectory.com
>
> http://florin.myip.org/
>
>
>
20 years, 1 month
Re: vncserver cuestion
by Brian Johnson
I've tried adding -securitytypes none to my args in
/etc/xinetd.d/vncserver.xinetd and it didn't solve my problems
William Hooper (whooperhsd3(a)earthlink.net) wrote:
>
>
> Brian Johnson said:
> > I'm trying to use the xinetd style of vncserver but for the life of me
> > can't
> > get it to work
> >
> > I don't understand what may have changed since the last time I set this up
> > (with Redhat 8)
>
> Well, both the VNC version (3.3 -> 4 beta4) and distro (TightVNC -> RealVNC).
>
> > Basically, I enabled XDMCP and I have thin clients and x terminals working
> > so
> > I don't understand what might be different with vnc
> >
> > I also added appropriate lines in /etc/services and added a file to
> > /etc/xinetd.d to run the vnc session
>
> I believe the only thing you have to add is the "-SecurityTypes None", but
> it would be easier if you gave us what you are trying to use.
>
>
>
>
20 years, 1 month
Re: vncserver cuestion
by Brian Johnson
I followed this link and had it all already done.
I tried doing an nmap and port 177 looked good
I tried to telnet to a couple of ports like 5950 but couldn't connect at all
Brian Chase (networkr0(a)cfl.rr.com) wrote:
>
> http://www.sourcecodecorner.com/articles/vnc/linux.asp
>
> Brian Johnson wrote:
>
> > I'm trying to use the xinetd style of vncserver but for the life of me can't
> > get it to work
> >
> > I don't understand what may have changed since the last time I set this up
> > (with Redhat 8)
> >
> > Basically, I enabled XDMCP and I have thin clients and x terminals working so
> > I don't understand what might be different with vnc
> >
> > I also added appropriate lines in /etc/services and added a file to
> > /etc/xinetd.d to run the vnc session
> >
> >
> >
> >
> > Ruben Lacasa Mas (r_lacasa(a)wanadoo.es) wrote:
> >
> >>Hi everybody
> >>I am using a fedora-core 1 and when I login to fedora with vncclient it
> >>shows a fwm eviroment, and i like to use a gnome enviroment.
> >>Thanks.
> >>
> >>
> >>
> >
> >
> >
>
>
> http://openalternatives.net
>
>
>
20 years, 1 month
Viewing Hindi/devanagri/indic languages
by Sandeep Shekhar Prasad
I am facing problems viewing websites having hindi or any other Indian
languages in FC1 irrespective of the browser. How can and where from can I
get the hindi fonts and how to install them to help me view the Indian
Languages sites.
I will appreciate all the responses.
--
20 years, 1 month
knfsd -- Fedora nfs is slow
by Guolin Cheng
Hi, all,
I got Fedora FC1 boxes running customized 2.4.25 vanlina kernel, But the nfs speed is way low. I compared the dmesg output from original default kernel 2.4.22-1.2174.nptlsmp amd my new compiled kernel, and find the orignal default kernel reports:
....
Installing knfsd (copyright (C) 1996 okir(a)monad.swb.de).
But the newly customized vanlina 2.4.25 kernel doesn't report the above line, is that the problem? I definitely enable nfs v2/v3 support in 2.4.25 and it works with slow speed.
Thanks a lot.
--Guolin Cheng
20 years, 1 month
network cards falls into promiscuous mode :( - more
by Guolin Cheng
Hi,
I realized I compiled the IP-tables code into kernel, Is that the problem? , I mean, it will still place the network card into promiscuous mode even I don't use IP-Tables program?
I fgiured out that ethtool|ifconfig combined can turn of promiscuous mode, TX/RX flow control. Thanks.
Thanks.
--Guolin Cheng
-----Original Message-----
From: Guolin Cheng
Sent: Monday, March 29, 2004 5:44 PM
To: Fedora (E-mail)
Subject: network cards falls into promiscuous mode :(
Hi,
Anyone has the same problem as me? I got two FC1 machines with upgraded kernel 2.4.22-1.2174.nptlsmp, the kernel reports that network falls into "promiscuous" mode. That's really annoying, thinking about 600 boxes falls into promiscuous at the same time.. :) It assumes slower as well, right? and each one pokes into other's business. How the kernel guy has this ..... idea?
I recompile a new 2.4.25 kernel, turned off "multicast" related options, and then restart machine, but the problem still keeps there. Any one know how to turn off this "feature", either though kernel recompiling, or on-line change it through /proc/net/* or /etc/sysctl.conf?
Thanks.
--Guolin Cheng
hello06.example.com user1 148% uname -a
Linux hello06.example.com 2.4.22-1.2174.nptlsmp #1 SMP Wed Feb 18 16:21:50 EST 2004 i686 i686 i386 GNU/Linux
hello06.alexa.com guolin 149% dmesg | tail -5
ip_tables: (C) 2000-2002 Netfilter core team
tg3: eth0: Link is up at 100 Mbps, full duplex.
tg3: eth0: Flow control is off for TX and off for RX.
device eth0 entered promiscuous mode
Installing knfsd (copyright (C) 1996 okir(a)monad.swb.de).
--
fedora-list mailing list
fedora-list(a)redhat.com
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
20 years, 1 month
network cards falls into promiscuous mode :(
by Guolin Cheng
Hi,
Anyone has the same problem as me? I got two FC1 machines with upgraded kernel 2.4.22-1.2174.nptlsmp, the kernel reports that network falls into "promiscuous" mode. That's really annoying, thinking about 600 boxes falls into promiscuous at the same time.. :) It assumes slower as well, right? and each one pokes into other's business. How the kernel guy has this ..... idea?
I recompile a new 2.4.25 kernel, turned off "multicast" related options, and then restart machine, but the problem still keeps there. Any one know how to turn off this "feature", either though kernel recompiling, or on-line change it through /proc/net/* or /etc/sysctl.conf?
Thanks.
--Guolin Cheng
hello06.example.com user1 148% uname -a
Linux hello06.example.com 2.4.22-1.2174.nptlsmp #1 SMP Wed Feb 18 16:21:50 EST 2004 i686 i686 i386 GNU/Linux
hello06.alexa.com guolin 149% dmesg | tail -5
ip_tables: (C) 2000-2002 Netfilter core team
tg3: eth0: Link is up at 100 Mbps, full duplex.
tg3: eth0: Flow control is off for TX and off for RX.
device eth0 entered promiscuous mode
Installing knfsd (copyright (C) 1996 okir(a)monad.swb.de).
20 years, 1 month
re: OFFTOPIC: Kipling Pranks
by Mike Tibbar
>I'm sure there are a few engineers on this list who will appreciate
>this. Maybe seeing some of todays Kipling pranks will bring back the
>old memories.
>
>http://www.cas.mcmaster.ca/~nesscg/kipling04/
>
>Cheers,
>Chris
Kipling pranks at Mac have been at their worst the past few years. They
were stellar in the late mid - late 90s. Based on the pictures, they were
extremely lacking again this year... They should hire some commerce
students as consultants to help expand their creativity.
Mike
_________________________________________________________________
MSN Premium includes powerful parental controls and get 2 months FREE*
http://join.msn.com/?pgmarket=en-ca&page=byoa/prem&xAPID=1994&DI=1034&SU=...
20 years, 1 month
Re: vncserver cuestion
by Brian Johnson
I'm trying to use the xinetd style of vncserver but for the life of me can't
get it to work
I don't understand what may have changed since the last time I set this up
(with Redhat 8)
Basically, I enabled XDMCP and I have thin clients and x terminals working so
I don't understand what might be different with vnc
I also added appropriate lines in /etc/services and added a file to
/etc/xinetd.d to run the vnc session
Ruben Lacasa Mas (r_lacasa(a)wanadoo.es) wrote:
>
> Hi everybody
> I am using a fedora-core 1 and when I login to fedora with vncclient it
> shows a fwm eviroment, and i like to use a gnome enviroment.
> Thanks.
>
>
>
20 years, 1 month
