[Shorewall-users] Port forwarding to network zone and tunneling advice

Tom Eastep teastep at shorewall.net
Mon Dec 15 16:40:09 PST 2003


On Mon, 15 Dec 2003, Dark Ryder wrote:

> I'm also looking for advice on tunneling options.  I intent to tunnel my own
> home network with that of a friend (who is running an almost identical Shorewall
> setup).  However, while he has a static IP for his network, I'm stuck with DHCP
> for mine.  Looking at the Shorewall docs, it appears that PPTP is the only
> tunneling option for which Shorewall does not require a fixed IP on both ends? 
> If so, my concerns regarding using PPTP are that A) I have not found (or perhaps
> found but not recognized) documentation that says PPTP is bi-directional; it
> appears it is most commonly used for a single host connecting to a remote
> network rather than connection two networks together, and B) there appears to be
> some concert about the security of PPTP; what I'm trying to do is create a
> secure, encrypted tunnel so that we don't have to worry about using "weak"
> services like SMB, FTP, and the like.

I personally would use PPTP with your end being the client -- PPTP works 
fine to connect two networks.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net



More information about the Shorewall-users mailing list