[SLL] IPSec VPN Client

Ted Stern dodecatheon at gmail.com
Wed Nov 28 11:49:48 PST 2007 

See this article also.  It is definitely possible -- the question is
whether your VPN host provides it (it costs ~$7K, which would pay off
if you have more than 70 employees who would otherwise need to
purchase $100 software licenses).

http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1239303,00.html

-- Ted

On 28 Nov 2007 11:45:48 -0800, Ted Stern wrote:
>
> On 28 Nov 2007 11:11:46 -0800, Eric Kahklen wrote:
>>
>> I am looking for an IPSec VPN Client for my Ubuntu Notebook similar to
>> VPN Tracker on OS X.  I need to connect to a Sonicwall IPSec VPN.
>>
>> Thanks,
>> Eric
>
> Hi,
>
> I know of IPSec VPN clients but they cost something like $95 for the
> first year with a $25/yr maintenance contract.  Bleagh.
>
> Sonicwall has an SSL VPN client available.  Can you use that?  This is
> a kind of VPN that runs in a browser.  I know this is possible because
> I see something like that here:
>
>           https://sslvpn.demo.sonicwall.com/cgi-bin/welcome
>
> Depending on the implementation, it may be possible to use sslvpn as a
> poor (net-savvy) person's VPN.  You can do this if the SSL VPN server
> provides some kind of Java Secure Applications Manager.  Modify the
> settings of the JSAM to add a new client application for SSH, which
> should connect to a particular remote host with client port 2222 (for
> example) and remote port 22.
>
> Because the JSAM will want to modify the /etc/hosts file when it makes
> the connection, you will need to chmod your local /etc/hosts file
> group writable and give it a special group ID, 'sslvpn' for example,
> and then add your username to the new group ID.
>
> To make things convenient, I create a $HOME/.ssh/config stanza of the
> form
>
>     Host remote.host.name
>        Host          localhost
>        Port          2222
>        User          <my remote username>
>        HostKeyAlias  remote.host.name
>
> I can then use ssh to connect to my remote host in a terminal, or even
> start up vncviewer via ssh:
>
>       ssh -via remote.host.name -FullScreen :1
>
> Magic :-).
>
> Ted

-- 
 dodecatheon at gmail dot com
 Frango ut patefaciam -- I break so that I may reveal

More information about the linux-list mailing list