Re: Can't find suitable firewall/VPN software for dynamic IPs
From: Chris (ceo_at_nospan.on.net)
Date: Thu, 11 Mar 2004 18:00:00 GMT
> Leythos <firstname.lastname@example.org> wrote:
>>In article <email@example.com>, firstname.lastname@example.org
>>>Is there _any_ open source firewall solution that provides VPN endpoints
>>>with dynamic IPs, and supports Microsoft (or free) VPN clients for Windows
>>A simple Linksys VPN router will do all of this an more. The VPN routers
>>allow IPSec over dynamic IP's using the user name and key method.
> Personally, if I were going hardware, I'd use a Netopia -- say, their
> 3381-ENT. It's more flexible.
> But I wanted an open source software-based solution, and although I plenty
> of mention of dynamic DNS, I see little about dynamic IPs for VPN
> For example, the SmoothWall FAW says:
>>< Pre-shared Key (PSK/Shared Secret) authentication and Dynamic IP
>>< addresses are not compatible. This is a general VPN issue and is
>>< not specific to SmoothWall systems.
>>< The SmoothTunnel and SmoothNode VPN Add-On modules for Corporate
>>< Server both support dynamic IP addresses.
> Admittedly, I wasn't really thinking of IPsec with dynamic IPs, although
> it's an intriguing possibility. But I don't see any simple, open source
> solutions for that, either.
> The hardware firewall solution certainly looks better at the moment.
Have you looked at m0n0wall? It's FreeBSD based, which originally
caused me some skepticism, but I'm using it as my FW applicance now.
EXTREMELY nice. High-powered for $0. (Unbelieveable) Comes with an
ISO if you want to run on commodity PC HW (read "junk 486 with two
NICs"), or will run with a nice footprint using Soekris Engineering
boards. I didn't read all your requirements, but I think you would be
surprised. Blows Smoothwall out of the water IMO. OTS fw/routers
(Linksys, Netgear, etc.) don't even compare.