1 |
On 8/27/05, David Miller <david3d@×××××.com> wrote: |
2 |
> |
3 |
> I've been having alot of luck with openvpn it's ssl based rather than |
4 |
> ipsec. I have found it to be easier to setup and less confusing and |
5 |
> it has clients for various platforms including windows...which is not |
6 |
> always the easiest platform to use IPSEC with unless you go with a |
7 |
> commercial client. You will need to setup a certificate authority and |
8 |
> understand the basics of openssl the rest is pretty simple. It even |
9 |
> works behind a NAT router or firewall. If the vpn connection is lost |
10 |
> it will re-establish it's connection automatically once it's routable |
11 |
> again. This works for both dynamic ip clients and even the server as |
12 |
> long as you're using some sort of deamon to update dyndns info. |
13 |
|
14 |
|
15 |
Are there any security trade-offs with SSL as opposed to IPSEC? |
16 |
|
17 |
On 8/26/05, Michael W. Holdeman <lists@××××.org> wrote: |
18 |
> |
19 |
> > I want to be able to access a desktop machine, and most importantly the |
20 |
> bsd |
21 |
> > file server with my laptop, again with a dynamic assigned ip from remote |
22 |
> > locations. |
23 |
|
24 |
|
25 |
I know not (naught? :) about the VPN but as far as your dynamic IP goes I |
26 |
use changeip.com <http://changeip.com> with great success. They are farily |
27 |
cheap and you can send them a top level domain. The nice part is to update |
28 |
the DNS records you can download a really simple Bash script and cron it to |
29 |
make the updates. |
30 |
|
31 |
-Mike |
32 |
|
33 |
-- |
34 |
________________________________ |
35 |
Michael E. Crute |
36 |
Software Developer |
37 |
SoftGroup Development Corporation |
38 |
|
39 |
Linux, because reboots are for installing hardware. |
40 |
"In a world without walls and fences, who needs windows and gates?" |