Route and vpnc
Tony Arnold
tony.arnold at manchester.ac.uk
Sun Mar 5 11:24:23 UTC 2006
Kenneth,
Kenneth P. Turvey wrote:
> I use vpnc to connect to the Universities wireless system and to gain
> access to the Beowulf cluster on campus. When I use it to connect to the
> wireless network, I would like all of my IP traffic to be directed through
> the university's network, but when I use it at home to connect to a single
> machine on campus, I would like all of my network traffic to be handled
> normally, except that destined for the university network.
What you are lookig for is split horizons support in vpnc. I don't know
if that is there. It's potentially risky as it can allow traffic from
other networks through your machine and down the vpn tunnel you've
created, thus opening a huge security hole in your university defenses.
> I have yet to get it to really work well.
>
> In addition to this, I would rather use my ISPs name servers when they are
> available. Resolvconf seems to be resetting them without asking any
> quesitons.
Unless you have the split horizons support, you won't be able to reach
your ISPs name servers once the vpn tunnel has been established. Hence
the use of your University name servers.
We use the Cisco VPN server at Manchester and I've successfully run the
Cisco VPN client for Linux. I've not experimented with split horizons
though.
Regards,
Tony.
--
Tony Arnold, IT Security Coordinator, University of Manchester,
IT Services Division, Kilburn Building, Oxford Road, Manchester M13 9PL.
T: +44 (0)161 275 6093, F: +44 (0)870 136 1004, M: +44 (0)773 330 0039
E: tony.arnold at manchester.ac.uk, H: http://www.man.ac.uk/Tony.Arnold
More information about the ubuntu-users
mailing list