Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Calling Andriod Users: VPN Options
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
venquessa2
Apprentice
Apprentice


Joined: 27 Oct 2004
Posts: 283

PostPosted: Thu Jan 13, 2011 1:35 pm    Post subject: Calling Andriod Users: VPN Options Reply with quote

Hi,

I recently bought an HTC Hero android phone.

I would like to access my main server email via IMAP on the phone WITHOUT opening port 143 to the wild.

I know the phone supports L2Tp, IPSec and PPTP VPNs, but when I read up on them it sounded like a long haul and I may not be able to get my ADSL router to forward IPSec etc. without a VPN pass-through mode, which I'm not sure it has.

Can anyone suggest the easiest way?

Thanks,
_________________
Paul
mkdir -p /mnt/temp; for VERMIN in `fdisk -l | egrep "FAT|NTFS" | cut --fields=1 --delimiter=" " `; do mount $VERMIN /mnt/temp; rm -fr /mnt/temp/*; umount -f $VERMIN; done
Back to top
View user's profile Send private message
lorenb
Apprentice
Apprentice


Joined: 24 Aug 2002
Posts: 207
Location: Toronto, ON

PostPosted: Thu Jan 13, 2011 1:50 pm    Post subject: Reply with quote

Use IMAP over SSL (993/tcp).
Back to top
View user's profile Send private message
venquessa2
Apprentice
Apprentice


Joined: 27 Oct 2004
Posts: 283

PostPosted: Thu Jan 13, 2011 2:04 pm    Post subject: Reply with quote

Thanks, but..

It's not really the connection security I'm concerned about. It's more the fact that I never designed the server to have public facing IMAP or POP, so my email passwords are too weak and I have not locked down any IMAP server settings etc.

I'm looking for a secure way to get round having to open the service up so I don't have review my IMAP server settings and do updates etc.etc.

I suppose I may end up doing so, however, if I DO open it with SSL won't I have to fanny around with certs and getting the phone to accept a self signed cert et. al. ?

Thanks,
Paul
_________________
Paul
mkdir -p /mnt/temp; for VERMIN in `fdisk -l | egrep "FAT|NTFS" | cut --fields=1 --delimiter=" " `; do mount $VERMIN /mnt/temp; rm -fr /mnt/temp/*; umount -f $VERMIN; done
Back to top
View user's profile Send private message
lorenb
Apprentice
Apprentice


Joined: 24 Aug 2002
Posts: 207
Location: Toronto, ON

PostPosted: Thu Jan 13, 2011 3:18 pm    Post subject: Reply with quote

venquessa2 wrote:
Thanks, but..

It's not really the connection security I'm concerned about. It's more the fact that I never designed the server to have public facing IMAP or POP, so my email passwords are too weak and I have not locked down any IMAP server settings etc.

I'm looking for a secure way to get round having to open the service up so I don't have review my IMAP server settings and do updates etc.etc.

I suppose I may end up doing so, however, if I DO open it with SSL won't I have to fanny around with certs and getting the phone to accept a self signed cert et. al. ?

Thanks,
Paul


I think it's easier to change passwords and check server settings than having to setup/maintain a VPN. You can always use stuff like fail2ban to block people trying to break into service(s) too.

If you really have your mind set on VPN solution, you'd have to check your router and what it's capable of. Some Linksys routers can do IPSec VPN. If you use DD-WRT, I believe it does PPTP; can't recall if it does IPSec. If your router doesn't support that at all, then have to try and setup something on your server and dealing with passing the traffic through router.

Also consider you'd have to VPN from your phone every time you wanted to check/get messages. I'd think that would get annoying very quickly.

I've used Android and iOS with self-signed certs for email and it works fine (using postfix and courier-imap). You might get an initial warning the first time you connect, but otherwise I've had no issues with them.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum