Building Linux Virtual Private Networks (VPNs)Building Linux Virtual Private Networks (VPNs) focuses on showing you how to get your Linux VPN up and running as quickly as possible. You will learn VPN theory and fundamentals and will master important techniques and tools needed to design and set up your VPN in a reliable, secure, and cost-effective fashion. This book offers concise, step-by-step instructions for building VPNs based on both standard protocols (IPsec, SSL, SSH, PPTP) and popular Linux VPN solutions (VTun, cIPe, tinc). Through numerous examples and proven practices, you will gain important insights into choosing a VPN solution, installing and configuring it, setting up routing, configuring firewalls, measuring performance, and much more. |
Contents
Virtual Private Networks | 1 |
Introduction to VPNs | 3 |
What is a VPN? | 4 |
VPN Topologies | 15 |
Advantages and Disadvantages of VPNs | 18 |
Making VPNs Secure | 22 |
Making the Decision On Using a VPN | 26 |
VPN Groups | 28 |
FreeSWAN Compilation | 169 |
Configuring FreeSWAN | 178 |
Running and Troubleshooting FreeSWAN | 193 |
Summary | 197 |
PPTP | 199 |
The PPTP Protocol | 200 |
Installing pppmppe | 204 |
Building a PPTP VPN Client | 209 |
VPN Protocols | 29 |
Summary | 32 |
VPN Fundamentals | 33 |
Considerations | 36 |
VPN and Firewall Interaction | 41 |
Networking Issues | 49 |
Logging | 59 |
Performance | 60 |
Summary | 62 |
Implementing Standard VPN Protocols | 65 |
Building a VPN with SSH and PPP | 67 |
Setting up PPP over SSH Manually | 71 |
Increasing the Security of Your VPN | 81 |
VPN Scripts | 85 |
Troubleshooting | 98 |
Limitations | 99 |
Summary | 100 |
Building a VPN with SSLTLS and PPP | 101 |
Setting up PPP over SSLTLS Manually | 106 |
VPN Scripts | 120 |
Troubleshooting | 131 |
Limitations | 132 |
IPSec | 133 |
Creating a VPN with IPSec | 156 |
IPSec Road Warriors | 157 |
Opportunistic Encryption | 161 |
Limitations and Conclusions | 162 |
Summary | 163 |
FreeSWAN | 165 |
Planning Your VPN | 167 |
Building a PPTP VPN Server | 219 |
Troubleshooting | 226 |
Summary | 228 |
Implementing Nonstandard VPN Protocols | 229 |
VTun | 231 |
Dependencies | 239 |
Compiling VTun | 245 |
VTun Configuration | 247 |
Troubleshooting | 261 |
Compatibility | 262 |
Summary | 263 |
cIPe | 265 |
Installation | 268 |
CIPE Configuration | 273 |
Using CIPE | 286 |
Limitations | 305 |
tinc | 307 |
Installation | 309 |
Configuration | 315 |
Using tinc | 326 |
Troubleshooting | 340 |
Limitations | 343 |
Appendices | 345 |
Commercial Solutions | 347 |
Selecting a Cipher | 351 |
Essential Cipher Parameters | 352 |
Selection Criteria | 354 |
Glossary | 359 |
| 363 | |
Other editions - View all
Common terms and phrases
algorithm arguments authentication bears-server certificate chapter chmod CIPE Tunneling command-line compile compression config create cryptographic daemon debug default device dynamic IP enable Encapsulating encryption establish eth0 eth1 ethernet ethertap example falcons-client firewall following command FreeS/WAN hash header host configuration file host-host host-network ifconfig inetd install Internet IP address ip-up ipchains IPSec ISAKMP kernel module Linux distributions machine manually mode mppe netmask network-network OpenSSL Opportunistic Encryption options output package parameters password Payload peer ping pkcipe point-to-point port PPP connection ppp-mppe pppd PPTP pptp-command pptpd protection protocol public key remote root route add routing table scenario script specified SSL/TLS sslvpn static subnet sudo sure TCP Wrappers tcpdump tinc traffic Troubleshooting TUN/TAP TUN/TAP driver verify VPN client VPN gateway VPN server vpn_config vpn1 VTun vtund Zlib