Tumblelog by Soup.io
Newer posts are loading.
You are at the newest post.
Click here to check if anything new just came in.

January 29 2011

QuickTun - Qontrol.nl Wiki

QuickTun is probably the simplest VPN tunnel software ever, yet it's very secure. It relies on the NaCl encryption library by D. J. Bernstein.

QuickTun uses the curve25519xsalsa20poly1305 crypto-box functionality of the NaCl library for secure public-key encryption.

And that's about all QuickTun does; encrypting and sending data. No fancy features which would only lead to bloating the binary. In fact, QuickTun itself has only a few hundred lines of pure C code, making it dead simple to maintain, analyze, debug and fix.

October 16 2010

How you make such systems providing a tunnel highly available.

There is an old but easy answer: Not at all! And it get's clearer as soon as you think about such VPN tunnels as what they really are. From a networking perpective, they are not much more than a router, a cable and another router. Think about them as such, and the simplest way to provide high availability is obvious: Dynamic routing protocols between the routers in front and behind the VPN tunnel. Just use two server pairs for the VPN connection. Both pairs are acting absolutely independent. Other components take care of the redundancy.

Most decent L3 Switches or routers support those dynamic routing protocols. or you can even use a Solaris machine by using the Quagga suite available on Solaris 10. I've used for example BGP4 to make VPN end points highly available without the need for any high availability stuff like a cluster.

The idea behind that is simple: The dynamic routing protocol is capable to detect the failure of it's connections to other routers. When a server providing a VPN tunnel or the Internet connectivity is failing, the VPN tunnel fails, and thus the dynamic routing protocol can detect this and route around this proble. It's just business as usual for protocols like BGP4.
Making a VPN connection highly available - c0t0d0s0.org
Tags: work vpn routing
Reposted bydatenwolf datenwolf

July 06 2009

Shrew Soft Inc : Software

The Shrew Soft VPN Client for Windows is a free IPsec Remote Access VPN Client for Windows 2000, XP and Vista operating systems ( x86 and amd64 versions ). It was originally developed to provide secure communications between mobile Windows hosts and open source VPN gateways that utilize standards compliant software such as ipsec-tools, OpenSWAN, FreeSWAN, StrongSWAN, isakmpd. It now offers many of the advanced features only found in expensive commercial software solutions and provides compatibility for VPN appliances produced by vendors such as Cisco, Juniper, Checkpoint, Fortinet, Netgear, Linksys, Zywall and many others.
Older posts are this way If this message doesn't go away, click anywhere on the page to continue loading posts.
Could not load more posts
Maybe Soup is currently being updated? I'll try again automatically in a few seconds...
Just a second, loading more posts...
You've reached the end.
No Soup for you

Don't be the product, buy the product!

YES, I want to SOUP ●UP for ...