Re: [owl-users] *SWAN on Owl?

From: Solar Designer (solar@private)
Date: Sun Feb 04 2007 - 06:20:08 PST


Croco,

On Thu, Feb 01, 2007 at 12:15:07PM +0100, Bernhard Fischer wrote:
> For a single site-to-site connection I prefer OpenVPN. It's easier to
> use ... no kernel modules ... simple configuration and there are
> ready-to-install packages available. We are using it for years and it
> absolutly fits our needs and security issues.

I second Bernhard's suggestion - use OpenVPN, unless you have a specific
reason to use IPsec.  There's a package of OpenVPN for Owl in our
contrib directory - but it lacks compression support.  For compression,
you will need LZO.  To build LZO from source, you will need NASM - it's
available in our contrib directory.  So if you like to install all of
this stuff with RPMs, you seem to have these options:

- try the OpenVPN package from contrib/ - but you don't get compression;

- install binary RPMs from a compatible version of Fedora (FC3 or FC4
for Owl 2.0);

- install the NASM package from our contrib, rebuild LZO from Fedora,
then rebuild and install OpenVPN (from our contrib, from openvpn.net, or
from Fedora);

- same as above, but use the binary package of NASM from Fedora (their
source package of NASM has extra dependencies, if I recall correctly);

- rebuild Fedora packages, matching and rebuilding all dependencies (you
could be forced to rebuild a lot of them).

When I was installing this stuff a year ago, we did not yet have the
contrib packages.  Here are the package versions that I happen to have
installed on an Owl box with OpenVPN:

nasm-0.98.39-3 (Fedora binary RPM)
lzo-1.08-6, lzo-devel-1.08-6 (rebuilt from Fedora)
openvpn-2.0.7-1 (rebuilt from a http://openvpn.net download)

I hope this helps.

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: 5B341F15  fp: B3FB 63F4 D7A3 BCCC 6F6E  FC55 A2FC 027C 5B34 1F15
http://www.openwall.com - bringing security into open computing environments



This archive was generated by hypermail 2.1.3 : Sun Feb 04 2007 - 06:22:56 PST