[clug-talk] IPCop and VPN
lists at thelauders.net
Mon Sep 19 23:50:56 PDT 2005
On September 19, 2005 10:24 pm, Shawn wrote:
> Has anyone been successful in getting IPCop to act as a VPN server, and
> thereby an interface to the internal network? (for authorized users of
> This is one topic that just hasn't been clicking for me. The resources I
> find online are old (for IPCop 1.2, or 1.3), or assume familiarity with
> other VPN systems.
> I'm probably making this much harder than it really is, but feel I need a
> little hand holding to get this in place properly the first time. At that
> point I suspect everything will click for me, and will be able to recreate
> it, or expand on it.
> To be honest, I can feel a mental barrier anytime I do anything that needs
> to deal with more complex authentication mechanisms (more complex than just
> plain shell accounts that is), and security certificates. It just seems
> that there's some underlying concept or fact I haven't grasped yet... But,
> I'll keep at it until these areas do click for me. I know enough to be
> productive regardless of this...
> So, the bottom line is I'm looking for any good online documents, or tips
> on how to get an IPCop 1.4 box configured to be a gateway into my network.
> The boxes involved are mixed - some are windows and some are Linux, both
> internally, and externally.
> Any suggestions are appreciated. Thanks.
Although I can't speak for configuring IPCop (I'm assuming it uses IPSec /
PPTP and that the one that is giving you grief is IPSec), I thought I would
comment on the mental barrier you get when it comes to the more complex
authentication methods. The first time I looked at IPSec I felt the same way
about trying to learn it. I eventually did learn enough to get by in it but
realised it was taking way too much energy for the benefits I would get from
using it. So, I stopped using it. I'm not sure if you know about OpenVPN
but I highly recommend using it over other VPN technologies. There appears
to be an addon / howto for OpenVPN on IPCop so that might help solve your
issues. Although I've only ever run OpenVPN on Gentoo & Windows 2000 / XP so
I can't vouch for the ease of configuration on IPCop. It will run on both
Windows / Linux equally well without having to patch the kernel (it's all
userspace aside from using the TUN / TAP adapter). It doesn't suffer from
the complexity that IPSec does, which in my opinion, makes IPSec a huge
failure. You get a mental block from IPSec because it was poorly designed :P
The OpenVPN addon / howto info for IPCop can be found:
OpenVPN is quiet flexible. I've used it to create bridged roadwarrior
connections for Home users and for routed Network <-> Network connections
involving 20+ networks connected to a central VPN Server.
More information about the clug-talk