Berkeley CSUA MOTD:Entry 44894
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2025/07/08 [General] UID:1000 Activity:popular
7/8     

2006/10/20-23 [Computer/Networking] UID:44894 Activity:nil
10/19   I installed openVPN here at work as our VPN solution for now but
        the Mac's have real issues with DNS. They basically don't pick up
        the internal DNS server after connecting. Anyone know the solution
        to that one or know of a better VPN solution for macs?
        \_ Does it have to be SSL-based?  Is commercial an option?  Do you
           need HA?  Is this for roving clients or working at home?  How
           many?  What kind of traffic?  Some more detail would help.  If
           you can do ipsec, I'd look at FreeS/WAN or KAME if you need it
           to be free.  Otherwise M0n0wall has a pretty good OpenVPN
           implementation and does PPTP as well as ipsec VPNs, with good docs
           on site-to-site VPNs for a number of manufacturers (PIX, VPN-1,
           Nortel and others.)  -John
2025/07/08 [General] UID:1000 Activity:popular
7/8     

You may also be interested in these entries...
2007/7/13-16 [Computer/Networking] UID:47279 Activity:nil
7/13    I'm thinking about getting a Soekris 4501 to replace my the P2-400
        that is currently acting as my home firewall. Has anyone used a
        Soekris system for this purpose? If so, how well does it work? Also,
        if there are any alternatives (similar power/form factor), I would
        appreciate links to those as well. tia.
        \_ John got me to use a WRAP box similar to Soekris.  I use this one:
	...
2006/8/3-6 [Computer/Networking, Computer/SW/OS/Linux] UID:43887 Activity:nil
8/3     Similar to the post below, I'm planning to set up a machine outside
        of the firewall and I'm considering FC3/4 or RH9, and maybe others
        too. Since it's outside of the firewall, security is a concern. In
        addition, manageability is a huge issue for me as I'm not intimately
        familiar with RPM package resolutions. What do you guys suggest?
        \_ Whatever you do, I'd recommend at least looking at selinux.  For
	...
2006/4/29 [Computer/SW/WWW/Browsers] UID:42861 Activity:nil
4/29    I hate ipsec, so much.  It's like some twisted joke:
        "OpenS/WAN, a Cisco PIX, and a Sonicwall walk into a bar, and
        the bartender says, 'you got your PFS in my NAT-T!'"
o/28    Damn it, people, entertain me.
        \_ http://www.firefoxflicks.com/flick/index.php?id=19542&c=false
	...
2006/3/15-16 [Computer/Networking, Computer/SW/OS/FreeBSD] UID:42241 Activity:nil
3/14    I'm looking for a good tutorial/howto for setting up IPSEC
        on my *BSD router/firewall. Basically I want to be able to
        access my home network while I'm on the road (iBook w/ OSX
        10.4), and I don't want to set up a bunch of SSH port forwards
        to talk to various services. Any pointers?
3/14
	...
2006/3/2-5 [Computer/Networking] UID:42069 Activity:low
3/2     Has anyone seen this?  Should make a good firewall appliance.
        http://www.linuxdevices.com/news/NS3880195342.html
        \_ With only one nic?  I suppose you could use the USB..
           Wonder how M0n0wall would do on this..
           \_ I could ask Manuel (the guy who put M0n0wall together) if you're
              interested--we have him on retainer on one of my projects. -John
	...
2006/2/13-15 [Computer/Networking] UID:41829 Activity:nil
2/13    Do I really have to point my cisco pix at some cert. authority
        if I want to use keys (instead of "pre-shared secrets") ?
        I can't just self sign?? wtf?
        \_ Actually, why not just create a CA signing cert with OpenSSL
           (it's not that hard), sign a cert with that, and then import the
           CA public key into pix?  Or use a static passphrase for phase I
	...
2006/2/15 [Computer/Networking] UID:41862 Activity:nil
2/15    I'm trying to get someone setup on iChatAV but it appears that their
        ISP is blocking port 5060 (the SIP port) in order to promote their
        own VoIP products. Does anyone know of any clever ways to circumvent
        this (like port forwarding, proxy, etc.)?
        \_ Yeah--get a decent firewall (I'm going to keep on mentioning
           M0n0wall on WRAP) that does port NAT.  That, or IPSEC, although
	...
2006/1/22-24 [Computer/Networking] UID:41477 Activity:nil
1/21    I am trying to setup a small network for my girlfriend's
        mom's company.  They just bought an accounting package
        which requires windows 2003 server.  And they want internet
        access from each computer.  How should the network be setuped?
        Would it be dumb to use static IP for each computer and a
        computer as internet gateway?
	...
2006/1/2-4 [Computer/SW/Virus] UID:41199 Activity:nil
1/2     Which Windows anti-virus software do you trust/recommend?
        \_ Linux
        \_ I think the general consensus is that Kaspersky is the best AV
           program you can buy.  Among the free AV programs, Avast! is well
           regarded, followed by AntiVir.  ClamAV seems pretty good if you
           want to go open-source. --jameslin
	...
2005/10/9-10 [Computer/Networking, Computer/SW/OS/Windows] UID:40027 Activity:very high
10/9    Dear MOTD, I'm looking to give a bunch of windows users access to a
        filesharing solution on a unix box.  They're not terribly technical,
        and have mainly browser access.  Is there some sort of open source
        web based toy running over SSL that mimicks what they would see on a
        windows fileshare, with drag&drop/copy&paste?  -John
        \_ WebDAV on Apache might work for you. I think that recent
	...
2005/9/27-28 [Computer/Networking] UID:39889 Activity:low
9/27    Are there routers out there that do bandwidth limiting or
        protocol priority? I run a LAN in my house but my roomates
        seem to hog up connections making my SSH connection intolerable.
        \_ http://www.m0n0.ch/wall + http://www.pcengines.ch  -John
        \_ Think the term you are looking for is traffic shaping
        \_ Some manufacturers sell a "gaming router" which traffic shapes on
	...
2005/7/17-19 [Computer/Networking] UID:38664 Activity:nil
7/17    Got any recommendations for the WiFi service(s) in the South Bay?  My
        main concerns are security (I am a WiFi idiot.  Just want to make sure
        that my WiFi transmittions are secure.  Is this possible?), stable
        connections once I am connected, and widely available.  Some of the
        Starbucks branches have been referring me to T-Mobile, but the T-Mobile
        does not seem to have a full list of the available WiFi spots it
	...