Re: tyny VPN help
--- Matthew Palmer <mpalmer@debian.org> wrote:
> [No Cc as per list policy, please]
>
> On Fri, Dec 17, 2004 at 03:51:40PM -0800, Mike Mestnik wrote:
> > --- Matthew Palmer <mpalmer@debian.org> wrote:
> > > 1) IPSec. Large, clunky, and complex, but the "gold standard" for
> VPN
> > > systems. Common implementations for Linux currently require the
> > > endpoint to
> > > be on the periphery of the protected subnet, not inside it (and it
> shits
> > > me
> > > to tears). Windows support available but a little fiddly.
> > >
> > http://www.sandelman.ottawa.on.ca/ipsec/1998/06/msg00122.html
> > Private addresses
> > on the Intranet can be handled by using NAT (network address and
> > port translation) or dynamically assigning the remote host an
> > internal address (as described in the ISAKMP configuration draft).
>
> In what way does NAT-T relate to what I was talking about?
>
<IP for remote computer using Ipsec> SNAT to <Any IP, including one on the
internel network>
> - Matt
>
> ATTACHMENT part 2 application/pgp-signature name=signature.asc
__________________________________
Do you Yahoo!?
Dress up your holiday email, Hollywood style. Learn more.
http://celebrity.mail.yahoo.com
Reply to: