On Demand VPN

Lisa Kachold lisakachold at obnosis.com
Sun Sep 25 10:42:38 MST 2011


Hi Jason,

On Sun, Sep 25, 2011 at 9:07 AM, Jason Holtzapple <ml at bitflip.net> wrote:

> On 09/23/2011 09:17 AM, Kevin Fries wrote:
> >   * When I am not in the office, and I try to go to a location (by name
> > or IP) that is within a specified range, I want the VPN to activate, and
> > route all traffic only for the office over it, while allowing all other
> > traffic to go out via the normal, primary, connection.
>

I am assuming that you are using Ubuntu:
http://geekyprojects.com/ubuntu/ubuntu-vpn-connection/

and using pptp?
http://www.youtube.com/watch?v=t3v7xoLi254

Or are you using the VPN on Demand Browser Java/ActiveX plugin:
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk62410

Perhaps this is an OS X On Demand VPN dmg?

>
> You will want to turn on the "Use this connection only for resources not
> on this network" option in the Routes... dialog box of your vpn config.
>
> As far as the automatic activation of VPN, I am not sure how to do that,
> it might be possible using some custom scripts in /etc/network/if*/*.
> I've used an if-up.d script to disable the wireless radio and interface
> if a wired connection is detected, for instance.
>

I use OpenVPN Access Server which provides a web based portal to configure a
client that will push internal networks or allow you to configure each.  It
allows for VPN server to server tunnels also.  The OpenVPNas OpenSource
version comes with a license for 2 clients, and allows you to reuse these
different clients for simultaneous connections.   If you configure it to
push a network that does not exist (in that connection but exists in
another) it will simply continue doing what it can.

Here's a demo showing how to bypass firewall and traffic shaping:
https://www.zazeen.com/OpenVPN/index.html

OpenVPNAS server packages install with a simple dpkg or rpm install and two
or three configuration changes:
http://openvpn.net/index.php/access-server/docs/admin-guides/123-how-to-install-openvpn-as-software.html

OpenVPN clients are available for Windows, Mac, and Linux:
http://openvpn.net/index.php?option=com_content&id=357

You download the config file and certificate as a package and place into
your configuration directory after authenticating to the OpenVPN Access
Server web portal (automatically created for you) which can run on an
alternate port as you specify during setup.

If you are running an Endian Community Edition Firewall
<http://www.endian.com/en/community/about/> (that installs with WiFi, Squid
proxy, Mail Scanner, and Web Proxy, with SNORT and iptables-ebtables all
integrated to an easy to use web based management portal) or a ClearOS
firewall <http://www.clearfoundation.com/Software/overview.html>, OpenVPN
comes all ready to add a tunnel between your other servers.  Both EFW Endian
and ClearOS install as an ISO and are very easy to configure, even allowing
command line import of IPTABLES, using dnsmasq for additional security and
speed.

--
(503) 754-4452 AT&T
(602) 791-8002  Android
(623) 239-3392 Skype
(623) 688-3392 Google Voice
HomeSmartArizona.com
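
Added example, not part of the original message or of any project mentioned in it: a check that a client's routing table matches the split tunnel asked for in the thread (only the office networks go over the VPN, everything else uses the normal connection). It assumes iproute2 `ip route show` output; the interface name `tun0`, the subnets and both sample tables are constructed.

```shell
#!/bin/sh
# Usage: ip route show | audit_split_tunnel <tun-dev> "<office CIDRs>"
# Prints one finding per line; returns 0 only if the tunnel carries exactly
# the listed office networks and nothing else.
audit_split_tunnel() {
    awk -v dev="$1" -v allowed="$2" '
    BEGIN { n = split(allowed, want, " "); for (i = 1; i <= n; i++) ok[want[i]] = 1 }
    {
        via_tun = 0
        for (i = 2; i < NF; i++) if ($i == "dev" && $(i + 1) == dev) via_tun = 1
        if (!via_tun) next                      # leaves by the normal uplink
        if ($0 ~ / proto kernel( |$)/) next     # connected subnet of the tunnel itself
        if ($1 == "default" || $1 == "0.0.0.0/1" || $1 == "128.0.0.0/1") {
            # OpenVPN redirect-gateway def1 installs the two /1 routes
            print "FULL_TUNNEL " $1; bad = 1
        } else if ($1 in ok) {
            print "OK " $1; seen[$1] = 1
        } else {
            print "UNEXPECTED " $1; bad = 1     # server pushed more than intended
        }
    }
    END {
        for (i = 1; i <= n; i++)
            if (!(want[i] in seen)) { print "MISSING " want[i]; bad = 1 }
        exit (bad ? 1 : 0)
    }'
}

# Constructed sample: split tunnel, office subnet only.
SPLIT_SAMPLE='default via 192.168.1.1 dev wlan0 proto dhcp metric 600
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.6
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.50
192.168.10.0/24 via 10.8.0.1 dev tun0'

# Constructed sample: all traffic redirected into the tunnel.
FULL_SAMPLE='0.0.0.0/1 via 10.8.0.1 dev tun0
default via 192.168.1.1 dev wlan0 proto dhcp metric 600
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.6
128.0.0.0/1 via 10.8.0.1 dev tun0
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.50
203.0.113.10 via 192.168.1.1 dev wlan0'

printf '%s\n' "$SPLIT_SAMPLE" | audit_split_tunnel tun0 "192.168.10.0/24"
```

On a live client, pipe `ip route show` into the function from a script run after the VPN comes up and treat a non-zero status as a misconfigured tunnel.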