NetMAX Newsletter - January 2005

1. [Update] NetMAX 5.01 Release
2. [Technical] Using VPN Clients Behind a NAT Gateway
3. [New!] NetMAX: Coming Soon!
4. [General] Let's Hear From You

1. NetMAX 5.01 Release

Yes, we announced the NetMAX 5.01 Release over the holidays, but many of you may have missed it in the mad rush of shopping and relative visits and whatnot... so if you did, here's your reminder: NetMAX Version 5.01 is available!

NetMAX has released an update to the NetMAX 5 product family that will upgrade all NetMAX 5 products to version 5.01. It is strongly recommended that all users use NetMAX Package Management to install this update at their earliest convenience.

New in NetMAX L2.4Pv5.01:

• Removes a recently uncovered local kernel exploit that could
  potentially allow a user to crash a NetMAX server.
• Addresses potential security issues with OpenSSL, the core of
  the NetMAX Server encryption mechanism.
• Upgrades Apache to 1.3.33 to address security and bug fixes.
• Upgrades the mod_ssl version used.
• Fixes installation and authentication problems with FrontPage.
• Upgrades rsync to version 2.6.3 from version 2.5.7 to
  improve security.
• Improves backup process for multiple session tapes.
• Fixes commit delay restarting NFS services if they are not
  already running.
• Upgrades SpamBouncer package to 2.0.

PLEASE NOTE: This upgrade will reboot the system.

2. Using VPN Clients Behind a NAT Gateway

One of the more difficult barriers in creating a VPN using IPSEC is that all participating VPN gateways must have routable, public IP addresses.  Sometimes this is just not possible or is very difficult.

Well, there is hope yet!  By following a few general steps, most Internet gateways can be configured to pass VPN traffic through to an internal machine.  The procedure in general is this:

• Configure the VPN gateway:
  
  This involves setting up your NetMAX VPN server for incoming Roadwarrior connections, and is covered in the NetMAX Server Suite Administrator's Manual.
  
• Configure the NAT gateway to pass VPN traffic:
  
  This step involves setting up the NAT gateway to forward ESP traffic and UDP 500 traffic to an internal machine.
  
• Configure the VPN client to connect to the VPN gateway:
  
  This involves setting up your VPN client to connect to a NetMAX, which is either covered in the manufacturer documentation included with your VPN, or included in the NetMAX Server Suite Administrator's Manual (if you use the SafeNet Client).

For more information on the specifics of the firewall rules needed, visit the NetMAX website at:

http://www.netmax.com/fom/cache/557.html

3. NetMAX: Coming Soon!

We here at NetMAX may not be quite ready to announce some things "officially" yet, but we're working on adding some exciting new NetMAX offerings, and you can help!  The NetMAX team is currently working with some of the top white box manufacturers in the world in our search to
find a worthy replacement for the Toshiba Magnia line of NetMAX servers, and we'd love your input on what you would like to see in the newest NetMAX server line.

You can already get all the features of our high-end HP server offerings, of course... but in this case we are specifically interested in what you think the best features would be for our entry level servers, based
on your own needs and experiences.

Interested?  Let your voice be heard so we can ensure our new servers are what you're looking for!  Just visit the NetMAX Forum or e-mail us, as detailed below:

4. Let's Hear From You!

We would very much like to hear from you -- especially about how you use NetMAX and Linux in your business, and how we can make NetMAX better suited to your needs. Contribute your input to the NetMAX Forum at:

www.netmax.com/cgi-bin/ikonboard/ikonboard.cgi

or to our general NetMAX contact form at:

www.netmax.com/partners/contacts.html

Let us know about your likes, dislikes, and general comments. We are especially interested in the type of additions to NetMAX that you would like to see as we continue to develop the NetMAX line.

Thank you!