commercial use $390 - ClarkConnect less, Smoothwall more

probably worthwhile but I may could brew a free option myself.

Thanks,

Craig

On Wed, 2004-01-14 at 10:13, Gary Nichols wrote:
> You should really look at http://www.astaro.com.   It does exactly what
> you want to do.  There is a free hobbyist license too.
> 
> 
> On Wed, 14 Jan 2004, Craig White wrote:
> 
> > I was planning on using Smoothwall to set up as a firewall router for a
> > clients' network - I had used it in the past with some success. I have
> > come to realize that their opensource release doesn't support multiple
> > external ip addresses and that is a requirement.
> >
> > Part of the functionality I am looking for is to permit some users to
> > work from home and Windows clients can use L2TP/IPSec to VPN into the
> > lan and spent some time examining the documentation for this on
> > Microsoft's web site. I could always use 1 or more of the WinXP
> > Professional Workstations to handle the VPN connections but these
> > machines would have to be on 24/7, are limited to 3 concurrent
> > connections (I may never exceed this, but if it's as popular as I think
> > it will be, I might need to exceed this) and then there's the whole
> > issue of logging and security that is most difficult to monitor.
> >
> > Thus, I am revisiting the entire option of firewall/router and FreeS/wan
> > and I am wondering:
> >
> > 1 - Is there an open source package that includes support for
> > kernel/freeS/wan updates that I could use and still be able to dmz
> > multiple external ip addresses?
> >
> > 2 - Is anyone currently doing this? Any recommendations? If I use say a
> > Red Hat distro, every time there is a kernel security errata (a little
> > too frequently these days), I would have to either rebuild the kernel or
> > rebuild the freeS/wan module - a PITA (makes a ClarkConnect system for
> > $125 look attractive).
> >
> > 3 - Is there any web pages / info that can tell me how to use openssl to
> > create certificates which are acceptable to Windows 2000/XP clients that
> > I can give to remote clients to use to authenticate themselves with
> > freeS/wan or should I stay with PSK?
> 
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change  you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss