Title: Virtual private network solutions for Linux

KBTAG: kben10000061
URL: http://www.securityportal.com/lskb/10000050/kben10000061.html
Date created: 17/07/2000
Date modified:
Date removed:
Authors(s): Kurt Seifried seifried@securityportal.com
Topic: Virtual private network solutions for Linux
Keywords: Network/VPN

Summary:

There are a variety of VPN solutions for Linux. I would strongly advise using IPSec if possible since it is the emerging standard for VPN's on the Internet, and will be incorporated with IPv6. On the other hand if you are behind a firewall and want to tunnel out the SSH based solution and so on will do the trick, whereas IPSec will typically fail (since the packet headers are being rewritten).

More information:

IPSec

IPSec for Linux is at http://www.freeswan.org/.

PPTP (Point to Point Tunneling Protocol)

PPTP is a proprietary protocol created by Microsoft for VPN solutions. To date it has been shown to contain numerous serious flaws. However if you need to integrate Linux into a PPTP environment all is not lost, http://www.moretonbay.com/vpn/pptp.html contains a Linux implementation of PPTP. 

CIPE (Crypto IP Encapsulation)

CIPE is a free IP level encryption scheme, meant for use between routers. It is appropriate for 'bridging' networks securely together over insecure networks (like the Internet). The official cite for CIPE is at: http://sites.inka.de/~W1011/devel/cipe.html. I would however recommend FreeS/WAN as a better long term solution.

ECLiPt Secure Tunnel (currently in beta)

Another GNU licensed solution for Linux VPN's. Currently in beta (and not recommended for mass use) but I thought I should mention it anyways since it seems to be a serious effort. The official page is at: http://eclipt.uni-klu.ac.at/projects/est/. Again I would have to recommend FreeS/WAN as a better long term solution.

Stunnel

Stunnel is an SSL based solution for securing network services. It has a server portion that runs on the UNIX server, and a client portion that runs on UNIX or Windows.
http://mike.daewoo.com.pl/computer/stunnel/

Virtual Tunnel

Virtual Tunnel (VTUN) supports a variety of methods of establishing a link, and several algorithms. You can get it from: http://vtun.netpedia.net/.

Zebedee

Zebedee provides encryption of TCP traffic between hosts and is available for UNIX and windows. You can get it from: http://www.winton.org.uk/zebedee/.

Virtual Private Server

Virtual Private Server is a VPN solution that uses PPP and SSH (basically it provides a nicer interface to it). You can get it from: http://www.strongcrypto.com/.