"Jason Pyeron" jpyeron@pdinc.us wrote:
We are setting up a new server (prefer centos4 vs 5) what should we do for a coporate vpn back to the US? <<
Your first step should be to get on top of the regulations regarding use of cryptography in China. Here's a starting point: http://rechten.uvt.nl/koops/cryptolaw/cls2.htm#prc. You may well require a licence from the State Encryption Management Commission.
Best,
--- Les Bell, RHCE, CISSP [http://www.lesbell.com.au] Tel: +61 2 9451 1144 FreeWorldDialup: 800909
Les Bell wrote:
"Jason Pyeron" jpyeron@pdinc.us wrote:
We are setting up a new server (prefer centos4 vs 5) what should we do for a coporate vpn back to the US? <<
Your first step should be to get on top of the regulations regarding use of cryptography in China. Here's a starting point: http://rechten.uvt.nl/koops/cryptolaw/cls2.htm#prc. You may well require a licence from the State Encryption Management Commission.
A-yup. It is technically illegal to set up a virtual private network without the necessary paperwork. I'm not sure how strictly it's enforced (many things in China are only enforced if someone in authority has it out for you), but I suspect if you're running an actual business in China it is better to comply with their regulations than to roll the dice and risk getting busted. There are a few people on the list that run and/or work at Chinese datacenters so I'm sure someone will chime in with their experiences soon.
Good luck!
-----Original Message----- From: Chris Mauritz
Les Bell wrote:
well require a
licence from the State Encryption Management Commission.
A-yup. It is technically illegal to set up a virtual private network without the necessary paperwork. I'm not sure how strictly it's enforced (many things in China are only enforced if someone in authority has it out for you), but I suspect if you're running an actual business in China it is better to comply with their regulations than to roll the dice and risk getting busted. There are a few people on the list that run and/or work at Chinese datacenters so I'm sure someone will chime in with their experiences soon.
Thanks. After searching based on the details from Les and finding nothing (in English) I have defered to our non-technical Chinese manager.
So if any one on the list has done this properly, I would like to talk to them.
That being said, I will be going to China in a few days for a short trip. Is there any hopes of checking my email? SSH or imaps? Ideas?
-jason
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Sr. Consultant 10 West 24th Street #100 - - +1 (443) 269-1555 x333 Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, purge the message from your system and notify the sender immediately. Any other use of the email by you is prohibited.
We recently deployed MPLS to our office in Shanghai. Not sure what paperwork they had to do, but their email resides in the US now. Their internet connection still goes out through China Telecom so the government can still monitor their web traffic.
Mike
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Jason Pyeron Sent: Sunday, January 27, 2008 10:31 AM To: 'CentOS mailing list' Subject: RE: [CentOS] VPN in China for our server [OT?]
-----Original Message----- From: Chris Mauritz
Les Bell wrote:
well require a
licence from the State Encryption Management Commission.
A-yup. It is technically illegal to set up a virtual
private network
without the necessary paperwork. I'm not sure how strictly it's enforced (many things in China are only enforced if someone in authority has it out for you), but I suspect if you're running an actual business in China it is better to comply with their
regulations
than to roll the dice and risk getting busted. There are a
few people
on the list that run and/or work at Chinese datacenters so I'm sure someone will chime in with their experiences soon.
Thanks. After searching based on the details from Les and finding nothing (in English) I have defered to our non-technical Chinese manager.
So if any one on the list has done this properly, I would like to talk to them.
That being said, I will be going to China in a few days for a short trip. Is there any hopes of checking my email? SSH or imaps? Ideas?
-jason
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-- Jason Pyeron PD Inc. http://www.pdinc.us -
- Sr. Consultant 10 West 24th Street #100 -
- +1 (443) 269-1555 x333 Baltimore, Maryland 21218 -
--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, purge the message from your system and notify the sender immediately. Any other use of the email by you is prohibited.
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Mike Kercher Sent: Sunday, January 27, 2008 11:49 To: CentOS mailing list Subject: RE: [CentOS] VPN in China for our server [OT?]
We recently deployed MPLS to our office in Shanghai. Not sure what paperwork they had to do, but their email resides in the US now. Their internet connection still goes out through China Telecom so the government can still monitor their web traffic.
Good to know, that is pretty much what we would want to do, as to not saturate our link with http requests. Could you find out who they used to process their paperwork or put me in touch with the IT management their (sorry for being so forward)?
Besides, it would be on less corporate content filter appliance that we need to budget for. :)
-jason
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Sr. Consultant 10 West 24th Street #100 - - +1 (443) 269-1555 x333 Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, purge the message from your system and notify the sender immediately. Any other use of the email by you is prohibited.
To my knowledge, Sprint did all of the paperwork as well as having the loop installed in Shanghai.
Mike
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Jason Pyeron Sent: Sunday, January 27, 2008 11:57 AM To: 'CentOS mailing list' Subject: RE: [CentOS] VPN in China for our server [OT?]
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Mike Kercher Sent: Sunday, January 27, 2008 11:49 To: CentOS mailing list Subject: RE: [CentOS] VPN in China for our server [OT?]
We recently deployed MPLS to our office in Shanghai. Not sure what paperwork they had to do, but their email resides in the US now. Their internet connection still goes out through China
Telecom so the
government can still monitor their web traffic.
Good to know, that is pretty much what we would want to do, as to not saturate our link with http requests. Could you find out who they used to process their paperwork or put me in touch with the IT management their (sorry for being so forward)?
Besides, it would be on less corporate content filter appliance that we need to budget for. :)
-jason
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-- Jason Pyeron PD Inc. http://www.pdinc.us -
- Sr. Consultant 10 West 24th Street #100 -
- +1 (443) 269-1555 x333 Baltimore, Maryland 21218 -
--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, purge the message from your system and notify the sender immediately. Any other use of the email by you is prohibited.
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-
Chris Mauritz -
Jason Pyeron -
Les Bell -
Mike Kercher