<< | Thread Index | >> ]    [ << | Date Index | >> ]

To: cipe-l,AT,inka,DOT,de
Subject: Re: site to site VPN
From: "Renato Salles" <rsalles,AT,rsnetservices,DOT,com,DOT,br>
Date: Mon, 15 Sep 2003 13:21:48 -0300 (BRT)
Importance: Normal
In-reply-to: <OFF6651E5C.36A8F507-ON85256DA2.005313BF@bmc-pos.com>
References: <OFF6651E5C.36A8F507-ON85256DA2.005313BF@bmc-pos.com>
Reply-to: rsalles,AT,rsnetservices,DOT,com,DOT,br

Dear Mr. bhein:

bhein,AT,bmc-pos,DOT,com disse:
>
>
> Have you worked much with CIPE on win32?
> I installed it yesterday on my laptop and have since had two bluescreens
> (each is a dump&reboot), two instances of the CIPE service pulling 100%
> CPU, and upon each boot up the CIPE service fails to load and requires a
> manual restart from services in the control panel.
>
> At this point, unfortunately I cannot recommend CIPE as a VPN solution to
> my company, since all of our roadwarriors run win32.

This is crazy, you cannot recomend cipe for a VPN solution because
yesterday you made a cipe vpn link setup in your laptop and it didn't run
as expected?
Why didn't you addressed your need for help to this maillist? This is
better than "not recomending".

>
>
> Just wondering if you or anyone else has comments on the matter.
>
Yes, i do. What i've already done with:
CIPE running with: RedHat Linux 8.0/ 9.0 X M$Win2k SP4 M$Win2k Server SP4.
How many times? 12 VPN peers, until now.
Hardware running: Toshiba Satellite from 150/800 Mgh, from MMX to Celeron
Processors, Athlon XP 1.1 till 2.4 Ghz, Pentium II, II and IV. Not yet:
WinXP ( many users wrote this is possible, but i had'nt the chance to test
myself) M$WinNT (Probably never will, this release is outdated by latest
M$XP).
A friend of myne has some installs under SMB hardware.

The first was the more difficult: routing and firewall had to be
re-dedsigned to fit the new capabilities.

HTH,

RSalles

PS: If you think it is easy to manage all the variables involved in a
project like LAN-TO-LAN CIPE VPN integration and would like to follow the
steps i've made, search for the "No Way" topic at this maillist sended few
months ago by me...

Best Regards,

RSalles

>
>
>
>
> --Brad
>
>
>
>
>
>
>                       "Russell Berry"
>                       <russ,AT,berrex,DOT,com>        To:
> <keith,AT,theargoncompany,DOT,com>, <cipe-l,AT,inka,DOT,de>
>                       Sent by:                 cc:
>                       owner-cipe-l@inka        Subject:  Re: site to site
> vpn
>                       .de
>
>
>                       09/15/2003 10:45
>                       AM
>
>
>
>
>
>
> Hello Keith,
>
> CIPE is perfectly suited to your needs.  I have the setup in place for
> many
> clients worldwide.  I personally chose cipe long ago before it was in any
> distribution because of its security and manageability.  Many of my
> clients
> have 'remote' or branch offices/sites in various geographic locations.
> Some
> spanning multiple continents.  So the costs involved for them to lease a
> dedicated line to another site can quickly become prohibitive.  CIPE
> allows
> for a secure tunnel through any medium, thus giving them even more
> security
> than a dedicated line for the cost of a standard high speed internet
> connection. Since CIPE tunnels all traffic encapsulated inside UDP
> packets,
> your traffic is 'invisible' to the casual snooper/sniffer.  Some people
> don't like the private key mechanism, I happen to prefer it, so CIPE has
> always been the perfect solution for me.  As for support, the fine people
> on
> this list will help you from the most trivial to the most obfuscated
> implementations you can think of.
>
> I have 'evaluated' other tunnel forms, including IPSEC devices, freeswan,
> etc.  Nothing stacks up to CIPE for my needs.  My clients include private
> coroporations, government offices, financial institutions, academia,
> medical
> community, etc.  Some of the connections are very critical and even have
> failover configurations with secondary connections available, and they ALL
> have strong security needs.  They trust my company with all their data and
> data security, and I trust CIPE.
>
> I sound like a CIPE commercial!  That's okay, I believe in it, I'd do a
> commercial for free!
>
> Regards,
> ---russ
>
>
> Russell Berry
> Berrex Computer Solutions
> http://www.berrex.com
> Russ,AT,berrex,DOT,com
> 1-877-558-9507
> ----- Original Message -----
> From: "Keith Fernandez" <keith,AT,theargoncompany,DOT,com>
> To: <cipe-l,AT,inka,DOT,de>
> Sent: Monday, September 15, 2003 10:21 AM
> Subject: site to site vpn
>
>
>> Hi,
>>
>> I have two offices, where I need to allow the machines in one office to
> access
>> the machines in the other office.
>> Is that possible with just using CIPE.
>> Is there something besides setting up CIPE that I need to do...
>>
>> My requirement
>> I want the machines from both subnets to see machines from other subnets
> as
>> though they are on the same network, to acess services like samba,
>> mail(pop/smtp), etc..
>>
>> What I have
>> The two network's have differnet private addressing's for the subnets
>> 192.168.0.0/24 192.168.100.0/24
>> We have fast static public IP addresses to the internet...
>>
>> This is possible with SuperFreeSWAN... If I can do this with CIPE, I
> would
>> like to switch over to cipe, since redhat has support for CIPE, and I
> wont
>> have to patch and compile kernels....
>>
>> Thanks in advance.....
>>
>> Regards,
>> Keith
>> --
>> "I asked for strength and God gave me difficulties to make me strong.
>> I asked for Wisdom... and God gave me problems to solve.
>> I received nothing I wanted... But I received everything I needed."
>>
>> --
>> Message sent by the cipe-l,AT,inka,DOT,de mailing list.
>> Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
>> Other commands available with "help" in body to the same address.
>> CIPE info and list archive:
> <URL:http://sites.inka.de/~bigred/devel/cipe.html>
>
>
> --
> Message sent by the cipe-l,AT,inka,DOT,de mailing list.
> Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
> Other commands available with "help" in body to the same address.
> CIPE info and list archive: <URL:
> http://sites.inka.de/~bigred/devel/cipe.html>
>
>
>
>
>
>
> --
> Message sent by the cipe-l,AT,inka,DOT,de mailing list.
> Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
> Other commands available with "help" in body to the same address.
> CIPE info and list archive:
> <URL:http://sites.inka.de/~bigred/devel/cipe.html>
>

-- 
Renato Salles
Ger.Geral
RSNetServices


<< | Thread Index | >> ]    [ << | Date Index | >> ]