Site to Site VPN

Question

We have two sites, one linux based, the other windows based which we would like to connect permently over VPN.

Does anyone know which linux VPN software is best for this? (I'm using PPTP on windows atm, but will change to IPSec once I understand what I am doing)

The primary reason to to run an offsite backup (I think we will use bacula for this).

It would be good to have a web-front end for easy configuration too if possible. — Mr Shoubs, Nov 23 '09 at 15:00
when i write linux i mean: in my case rdiff-backup runs from linux to linux, but i know it works fine under windows as well [ although i do not use it in such settings ]. — pQd, Nov 23 '09 at 18:20
rDiff isn't the solution.. we are looking for a proper backup solution, — Mr Shoubs, Nov 24 '09 at 11:53

score 2 · Accepted Answer · answered Nov 23 '09 at 14:49

2

what about using openvpn? open source, available for windows and linux.

and easy to set up... will save you some headache that ipsec can bring.

for backups - maybe you can just use ssh encapsulation - and do not set anything up at the windows side. i have quite good experience with rdiff-backup, but i'm using it only under linux [ although it has windows version as well ].

answered Nov 23 '09 at 14:49

pQd

29,981
6
66
109

When you say only using it under linux, do you mean your backing it up to another site that is linux based? – Mr Shoubs Nov 23 '09 at 14:56
It would be good to have a web-front end for easy configuration too if possible and good logging... – Mr Shoubs Nov 23 '09 at 15:03
You can use pfSense (www.pfsense.com) to set up open OpenVPN at each end with a nice http/s GUI. It works great and can run on old hardware. One site's pfSense box would have an OpenVPN server instance configured and at the other site you'd configure the client -- lots of advice for site-to-site on their forums. – nedm Nov 23 '09 at 17:05

score 0 · Answer 2 · answered Nov 23 '09 at 15:02

0

I don't know baculla, but if it does support this, maybe you could just have it create an ssh connection using key-based authentication when it is time for the backup. You can also use ssh to create a vpn tunnel, but I would recommend that, it is more ad-hoc.

I think if that is possible, you might find it to be a simpler solution. Not sure if this is the best answer for you or not, but I think it is worth looking into.

answered Nov 23 '09 at 15:02

Kyle Brandt

83,619
74
305
448

The flow of data will be from linux to windows, will that make a difference with SSH? Any good links for what I would need to do to get windows to accept SSH connections? – Mr Shoubs Nov 23 '09 at 15:05
--- but I would recommend that, it is more ad-hoc. --- you would or wouldn't reccomend it? – Mr Shoubs Nov 23 '09 at 15:09
With windows I might opt for openvpn. When I said I wouldn't recommend it, I meant using ssh to create a vpn tunnel, I would recommend normal ssh sessions. – Kyle Brandt Nov 23 '09 at 15:45

score 0 · Answer 3 · answered Nov 23 '09 at 16:17

IPCop can be a solution. It's linux-based, you just need a simple machine to act as your gateway. It supports site-to-site VPN and roadwarrior VPN (user to site). I think that part is based off OpenVPN -- it definitely generates the .ovpn file for the user part.

Site to Site VPN

3 Answers3