Book Review

Book cover image
Building Linux Virtual Private Networks (VPNs)

Oleg Koleshikov and Brian Hatch
New Riders Press, 2002, 385 pages



T his book concentrates primarily on setting up VPNs between Linux computers acting as VPN gateways. There are many scenarios where this might be useful--for instance, if you were using a Linux box as a router between two networks. For the most part, however, people build VPNs to circumvent deficiencies in operating systems. These days, like it or not, this means providing a service for Windows clients. The most common use of VPNs is undoubtedly the "Road Warrior" scenario, with Windows clients browsing a subnet on Linux running Samba. This in turn means NAT and DHCP. Yet these topics, the authors say, are beyond the scope of the book. The discussion of firewalls, which is another never-ending source of trouble with VPNs, is superficial.

Although there is some coverage of SSL and certificates, the authors recommend using pre-shared keys (PSKs) to authenticate users with FreeS/WAN. The FreeS/WAN documentation, and the documentation from various VPN clients, all say repeatedly that this is a Really Bad Idea. Of course, a VPN is simpler to set up with PSKs. But the reason people buy books like Building Linux Virtual Private Networks is not to learn the easy stuff, but to learn how to do the tasks that are difficult.

December 23, 2002 Back