[No Cc as per list policy, please] On Fri, Dec 17, 2004 at 03:51:40PM -0800, Mike Mestnik wrote: > --- Matthew Palmer <mpalmer@debian.org> wrote: > > 1) IPSec. Large, clunky, and complex, but the "gold standard" for VPN > > systems. Common implementations for Linux currently require the > > endpoint to > > be on the periphery of the protected subnet, not inside it (and it shits > > me > > to tears). Windows support available but a little fiddly. > > > http://www.sandelman.ottawa.on.ca/ipsec/1998/06/msg00122.html > Private addresses > on the Intranet can be handled by using NAT (network address and > port translation) or dynamically assigning the remote host an > internal address (as described in the ISAKMP configuration draft). In what way does NAT-T relate to what I was talking about? - Matt
Attachment:
signature.asc
Description: Digital signature