Croco, On Thu, Feb 01, 2007 at 12:15:07PM +0100, Bernhard Fischer wrote: > For a single site-to-site connection I prefer OpenVPN. It's easier to > use ... no kernel modules ... simple configuration and there are > ready-to-install packages available. We are using it for years and it > absolutly fits our needs and security issues. I second Bernhard's suggestion - use OpenVPN, unless you have a specific reason to use IPsec. There's a package of OpenVPN for Owl in our contrib directory - but it lacks compression support. For compression, you will need LZO. To build LZO from source, you will need NASM - it's available in our contrib directory. So if you like to install all of this stuff with RPMs, you seem to have these options: - try the OpenVPN package from contrib/ - but you don't get compression; - install binary RPMs from a compatible version of Fedora (FC3 or FC4 for Owl 2.0); - install the NASM package from our contrib, rebuild LZO from Fedora, then rebuild and install OpenVPN (from our contrib, from openvpn.net, or from Fedora); - same as above, but use the binary package of NASM from Fedora (their source package of NASM has extra dependencies, if I recall correctly); - rebuild Fedora packages, matching and rebuilding all dependencies (you could be forced to rebuild a lot of them). When I was installing this stuff a year ago, we did not yet have the contrib packages. Here are the package versions that I happen to have installed on an Owl box with OpenVPN: nasm-0.98.39-3 (Fedora binary RPM) lzo-1.08-6, lzo-devel-1.08-6 (rebuilt from Fedora) openvpn-2.0.7-1 (rebuilt from a http://openvpn.net download) I hope this helps. -- Alexander Peslyak <solar at openwall.com> GPG key ID: 5B341F15 fp: B3FB 63F4 D7A3 BCCC 6F6E FC55 A2FC 027C 5B34 1F15 http://www.openwall.com - bringing security into open computing environments
This archive was generated by hypermail 2.1.3 : Sun Feb 04 2007 - 06:22:56 PST