Archived from groups: alt.internet.wireless (
More info?)
On 17 Jul 2004 22:22:21 -0700, billpritjr@spamhole.com (Bill) wrote:
>Can anyone recommend a browser based or software based personal VPN
>that I could use when surfing the internet in public hotspots?
>
>Yes, I know "dont check email or access your secure data" however this
>kinda defeats the purpose of having Wi-Fi capability and convenience
>at Starbucks or the local airport terminal.
>
>I want to be able to SECURELY do this via VPN or similar device.
Well, the problem with any secure tunnel or encryption scheme is that
the connection has to terminated somewhere. Just having VPN or SSH
software on your laptop does not magically give you a secure
connection. It has to end up (terminate) somewhere and the other end
has to have your security settings, pass phrase, etc stored somewhere.
One possibility is to terminate the VPN at the access point. This is
being done with some corporate access points, but is a major pain in
dealing with the multitude of customers at a hot spot. I think you
can forget that idea.
The easiest is if your ISP supports web mail via SSL (secure sockets
layer). SSL is built into the major web browsers and will encrypt the
sessions without any additional software added to your laptop.
However, the SSL based webmail must be supplied by your ISP.
Another method is to use SSH (secure shell). This requires a
login/password combination stored on the server, but is fairly simple
on the client end (your end). The most common program is called
"Putty". It's free.
http://www.chiark.greenend.org.uk/~sgtatham/putty/
However, this is most commonly used for telnet (character based)
email.
A VPN would probably be more useful if you were connecting to a
corporate LAN or your own mail server. It creates an encrypted
"tunnel" into the LAN over the internet. Again, the problem is where
and how to terminate the VPN. Again, your ISP has to provide the
service, administer the login/passwd settings, and setup the security.
The general proceedure for connecting to an IPSec VPN from W2K and XP
can be found at:
http://vpn.ebootis.de
Freeswan is an open source VPN server.
http://harlech.math.ucla.edu/services/ipsec-windows.html
Yeah, it's a mess when using the MS provided IPSec tools.
Sorry, I don't have an instant answer, but at least you now know the
limitations. Ask your ISP for SSL webmail.
--
Jeff Liebermann jeffl@comix.santa-cruz.ca.us
150 Felker St #D
http://www.LearnByDestroying.com
Santa Cruz CA 95060 AE6KS 831-336-2558