Considerations for a VPN - type Roadwarrior

Yes, I will be getting in to a VPN configuration eventually but I have some initial questions on what to connect to.

Using a VPN to access your own network from a different location (talking host-to-net / roadwarrior concept here) is a very basic statement that covers many different scenarios.

  • connect to IPFire
  • connect to a desktop
  • connect to a dedicated server
    etcetera…

Then there are considerations for IPSec and OpenVPN to deal with.
I am leaning towards IPSec, but it seems it only connects to an alias on the RED interface and to be honest I do not know what that means in this context.

From: www.ipfire.org - Host-to-Net Connections (Roadwarrior)

  1. Only possible with RED being configured as static and aliases: “you have a block of five static IP addresses from your ISP”

Well, I will not have static addresses from my ISP. Would that disqualify IPSec?

What you are showing there is a footnote referring to the following.

This means that if you don’t have the static RED and aliases defined then you can not enter anything into the section labelled Local IP Address. It can only have the entry as shown here:-

[screenshot: the Local IP Address field]

but I believe you can still have an IPSec RW connection based on the above.

The above is my interpretation and understanding based on the wiki but bear in mind I have not yet set up any IPSec tunnels, only OpenVPN RW & N2N.

Thanks. I assume it would depend on how often my ISP changes the IP. The service is dynamic, so it will not be a fixed IP. If I read you right, then within the scope of IPFire an IPSec configuration will probably not be a good long-term solution.

To my other question, what to connect to.

A long time ago I had a dynamic DNS (DynDNS) with a software IP updater, connecting via RDP and a custom port to my desktop. Those were the days… 🤣

Now I am probably looking at using a virtual machine on one of my servers for local RDP connections to other virtual servers and local desktops… A gateway system, if the term fits. Since I primarily work in Windows, RDP would be my first choice, but I guess Linux with QEMU might work as well.

So I guess an OpenVPN directed to the “gateway machine” local IP would be relevant. I am not sure on how to use DMZ in this context, is it relevant at all? If I want to access a machine on GREEN I have to go via RED?

I use this feature, with a free DuckDNS account.

So my OpenVPN can use a Dynamic name.

Before using IPFire I used a DuckDNS Docker container.
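The "software IP updater" the posters describe, as an added example that is not part of the original thread and not IPFire's own DDNS client (IPFire ships its own ddns service, which is what the poster above is using). This is the kind of standalone updater one would run in a container: it calls DuckDNS's documented update endpoint, treats anything other than a literal `OK` body as failure, and redacts the token before it reaches a log line. The domain and token are assumed to come from the environment variables `DUCKDNS_DOMAIN` and `DUCKDNS_TOKEN` (names chosen for this example).

```shell
#!/bin/sh
# Added example: minimal DuckDNS updater for a dynamic RED address.
# Assumed environment (example names, not a DuckDNS or IPFire convention):
#   DUCKDNS_DOMAIN  - the subdomain part, without ".duckdns.org"
#   DUCKDNS_TOKEN   - the account token from the DuckDNS dashboard
# Endpoint is DuckDNS's documented update URL. Leaving ip= empty tells
# DuckDNS to use the address the request arrives from, i.e. the current
# RED IP, so no separate "what is my IP" lookup is needed.

duckdns_url() {
    # $1 = domain, $2 = token, $3 = optional explicit IP (empty = source IP)
    printf 'https://www.duckdns.org/update?domains=%s&token=%s&ip=%s\n' "$1" "$2" "${3:-}"
}

# DuckDNS answers with the literal body "OK" or "KO". A captive-portal page,
# an HTML error or an empty body (curl failure) must never count as success.
duckdns_result_ok() {
    [ "$1" = "OK" ]
}

# Strip the token before the URL is written anywhere persistent.
redact_url() {
    printf '%s\n' "$1" | sed 's/token=[^&]*/token=REDACTED/'
}

duckdns_update() {
    domain="$1"; token="$2"
    url="$(duckdns_url "$domain" "$token")"
    # -f: non-2xx is an error; -sS: quiet but still report errors;
    # --max-time so a hung RED link cannot stall a cron run indefinitely.
    response="$(curl -fsS --max-time 15 "$url" 2>/dev/null || echo "CURL_FAIL")"
    if duckdns_result_ok "$response"; then
        echo "$(date -u +%FT%TZ) updated $(redact_url "$url")"
        return 0
    fi
    echo "$(date -u +%FT%TZ) FAILED ($response) $(redact_url "$url")" >&2
    return 1
}

# Only perform the update when both values are present, so the file can
# also be sourced for its functions without touching the network.
if [ -n "${DUCKDNS_DOMAIN:-}" ] && [ -n "${DUCKDNS_TOKEN:-}" ]; then
    duckdns_update "$DUCKDNS_DOMAIN" "$DUCKDNS_TOKEN"
fi
```

Run it from cron every few minutes; DuckDNS only changes the record when the source address differs, so frequent calls are harmless, and a `KO` in the log is the signal to check the token rather than the ISP.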

Indeed, but what do you have at the end of the line? Your entire network, so you can quickly access any of your servers and desktops? One instance from which you access that? Only IPFire? Only a Terminal?

I am curious as to what people choose to connect to and how they set up that.
For some a Terminal is enough, I want to access “everything”… well, all that I can normally access from my local network.

Yes.

You can set the IP for your VPN or use a dynamic IP.
You can set the ZONES you can access.
You can set up firewall rules for the VPN clients.
This may be used to limit access, I would think…

Yes, there is probably a lot that can be done.

I am more after how to get to a dedicated virtual desktop, and if that poses any additional considerations in regards to the connection chain.

Then again, if I am connected net-net, I could just fire up the VPN and type local addresses and expect everything to work as if I were at my office? Is that possible with OpenVPN and IPFire? Is it safe?