VPN connection question

Patton Echols p.echols at comcast.net
Fri Sep 28 01:06:34 UTC 2007

On 09/27/2007 05:32 PM, NoOp wrote:
> On 09/27/2007 04:12 PM, David Vincent wrote:
>> Patton Echols wrote:
>>> On 09/25/2007 09:34 PM, Gary Jarrel wrote:
>>>> To be honest, I do not use the Network Manager for VPN connections. So
>>>> if it's noty vital for you and you can get away with using PPTP then I
>>>> would recommend pptpconfig.
>> ...without reading the rest of this thread...FYI NM has plugins for PPTP 
>> and OpenVPN which work quite well...
>> network-manager-pptp
>> network-manager-openvpn
>> -d
> Unfortunately that doesn't address setting up Ipsec sessions.
> http://en.wikipedia.org/wiki/Point-to-point_tunneling_protocol
> http://en.wikipedia.org/wiki/Ipsec
> http://en.wikipedia.org/wiki/OpenVPN
> The routers that we are discussing (BEFXSX41 & BEFVP41) implement ipsec
> encryption in hardware within the router, thereby eliminating the need
> to employ ipsec client software _if_ the VPN is setup and connected
> router to router.
> The problem that Patton is trying to solve (as I understand it), is how
> best to connect into his BEFSX41 via a remote connection from his laptop
> utilizing the ipsec firmware in his SX41. Because his laptop doesn't
> have ipsec firmware, he'll need to install an ipsec client in the
> laptop. I have a similar issue in that I want to use ipsec with my
> BEFVP41 in the very near future.
Exactly.  My primary desire is to get to my own desktop machine.  But 
from time to time, I need to get into my assistant's machine.  As I 
understand it, this is best done by setting up the tunnel to the router, 
then doing a vnc or remote desktop to the appropriate machine.


> If Patton simply wishes to connect into his home PC from his wireless he
> can use a VNC connection. That can be plain or encrypted - I do it all
> the time. But if he wants to create an ipsec VPN connection into the
> BEFSX41 he'll need to have an ipsec client on the remote side.

Truth is I didn't think much about this possibility.  If I wanted to do 
just a VNC, how would I do that?  Set the Router for port forwarding to 
the appropriate machine?  Don't I still need an encryption solution?

I guess I'm a bit reluctant for two reasons:
First, since the machines inside are WinXP boxes, I'd need a VNC server 
on each one I want to access (Just one more thing) But the Terminal 
Service Client on my laptop connects natively to the Remote Desktop 
built into XP

Second, again since the machines are XP, I don't really want to have 
random port scans forwarded to my XP box.  I'm not sure I trust Gates 
and Co. to protect those machines.  I think (though I suppose I really 
don't know) that the VPN opening in my router will be much harder to 
crack than my XP desktop.

More information about the ubuntu-users mailing list