From owner-freebsd-questions@FreeBSD.ORG Thu Aug 16 19:54:20 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A4CB616A419 for ; Thu, 16 Aug 2007 19:54:20 +0000 (UTC) (envelope-from cswiger@mac.com) Received: from mail-out4.apple.com (mail-out4.apple.com [17.254.13.23]) by mx1.freebsd.org (Postfix) with ESMTP id 8A6A513C458 for ; Thu, 16 Aug 2007 19:54:20 +0000 (UTC) (envelope-from cswiger@mac.com) Received: from relay5.apple.com (relay5.apple.com [17.128.113.35]) by mail-out4.apple.com (Postfix) with ESMTP id 7EF82F0A748; Thu, 16 Aug 2007 12:54:20 -0700 (PDT) Received: from relay5.apple.com (unknown [127.0.0.1]) by relay5.apple.com (Symantec Mail Security) with ESMTP id 6813F29C004; Thu, 16 Aug 2007 12:54:20 -0700 (PDT) X-AuditID: 11807123-a5244bb000007d99-5b-46c4ab6c0e86 Received: from [17.214.13.96] (cswiger1.apple.com [17.214.13.96]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by relay5.apple.com (Apple SCV relay) with ESMTP id 5050730400C; Thu, 16 Aug 2007 12:54:20 -0700 (PDT) In-Reply-To: <46C4A761.9090902@shopzeus.com> References: <46C4905A.1020202@shopzeus.com> <6.0.0.22.2.20070816134035.0262cff8@mail.computinginnovations.com> <46C4A761.9090902@shopzeus.com> Mime-Version: 1.0 (Apple Message framework v752.2) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <40171BC1-50A5-4CDB-ABCE-94C5488E8C12@mac.com> Content-Transfer-Encoding: 7bit From: Chuck Swiger Date: Thu, 16 Aug 2007 12:54:19 -0700 To: Laszlo Nagy X-Mailer: Apple Mail (2.752.2) X-Brightmail-Tracker: AAAAAA== Cc: freebsd-questions@freebsd.org, Derek Ragona Subject: Re: Share folder over internet X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Aug 2007 19:54:20 -0000 On Aug 16, 2007, at 12:37 PM, Laszlo Nagy wrote: >> You need to create a VPN connection between your two offices. You >> can do this in a variety of ways, but probably the best solution >> would be to have static IP's for both offices and a router that >> has hardware support for VPNs at each office. You can connect the >> two offices via a VPN connection from router to router. > > Well, we do not have static IP addresses, and the routers does not > support VPN. Also I do not like the idea of VPN because I feel that > would forward more packets than needed. I may be wrong. :-) A properly-configured VPN setup uses what Cisco calls a "split config", where only traffic addressed to the subnet on the other side of the VPN actually goes through the VPN tunnel; normal traffic sent elsewhere goes out your normal default route. Some people have experienced VPN setups where all traffic goes through the tunnel, and those do indeed forward more traffic than they should. > Although we do not have static IP, we have DDNS. Is it possible to > do VPN from one FreeBSD box to another and then.... what? Mount > nfs? Mount smb? I can mount a remote smb volume then share it with > another smb server, but it looks wreid to me and I'm also concerned > about speed. I believe smb is not optimized for speed. If I have to > use VPN then I would like to use the most traffic-efficient method > over VPN. Can you suggest something? Your goal to do filesharing safely over the Internet is best satisfied by having a VPN between two static netblocks, or at least individual IPs. openvpn makes a decent solution for FreeBSD, but if you're not willing to get static IPs and configure a VPN, well, then you probably need to re-evaluate your goals. -- -Chuck