[NTLUG:Discuss] VPN Masquerading and RedHat 6.1

briank at hex.net
Sat Mar 18 22:24:02 CST 2000


On Sat, Mar 18, 2000 at 07:38:57PM -0600, Bob Byron wrote:
> Has anyone implemented VPN masquerading on RedHat 6.1?

I run masqueraded VPN via my Linux firewall in a configuration
that looks exactly like the one you depicted, using a stock 2.2.12
kernel patched with the VPN masq patch.

> 1) Given the above architecture, do I want to use ipportfw?  It seems to me
> the ipportfw setup is designed to route all VPN connection requests to a
> single PC, not multiple like I have in the above scenario.

You do not need ipportfw if you will simply be using the Linux box as
a firewall and not a server.

> 2) Does the 2.2.12 kernel have everything I need or is a recompile of the
> kernel necessary?  I am leaning towards recompiling and including the
> ip_masq_vpn module.

You need to apply the VPN patch for the 2.2.12 kernel, and then
recompile.  This is because you have to enable the Experimental kernel
option, plus some other network-related options, with 'make
xconfig' (highly recommended over 'make config'). 

The most difficult part of the procedure for me was setting up the
ipchains correctly.  But I was pleasantly surprised when I was able to
communicate from my NT laptop to the NT server via the Linux firewall!

  --Brian
