| 1 |
On 8/27/05, David Miller <david3d@×××××.com> wrote: |
| 2 |
> |
| 3 |
> I've been having alot of luck with openvpn it's ssl based rather than |
| 4 |
> ipsec. I have found it to be easier to setup and less confusing and |
| 5 |
> it has clients for various platforms including windows...which is not |
| 6 |
> always the easiest platform to use IPSEC with unless you go with a |
| 7 |
> commercial client. You will need to setup a certificate authority and |
| 8 |
> understand the basics of openssl the rest is pretty simple. It even |
| 9 |
> works behind a NAT router or firewall. If the vpn connection is lost |
| 10 |
> it will re-establish it's connection automatically once it's routable |
| 11 |
> again. This works for both dynamic ip clients and even the server as |
| 12 |
> long as you're using some sort of deamon to update dyndns info. |
| 13 |
|
| 14 |
|
| 15 |
Are there any security trade-offs with SSL as opposed to IPSEC? |
| 16 |
|
| 17 |
On 8/26/05, Michael W. Holdeman <lists@××××.org> wrote: |
| 18 |
> |
| 19 |
> > I want to be able to access a desktop machine, and most importantly the |
| 20 |
> bsd |
| 21 |
> > file server with my laptop, again with a dynamic assigned ip from remote |
| 22 |
> > locations. |
| 23 |
|
| 24 |
|
| 25 |
I know not (naught? :) about the VPN but as far as your dynamic IP goes I |
| 26 |
use changeip.com <http://changeip.com> with great success. They are farily |
| 27 |
cheap and you can send them a top level domain. The nice part is to update |
| 28 |
the DNS records you can download a really simple Bash script and cron it to |
| 29 |
make the updates. |
| 30 |
|
| 31 |
-Mike |
| 32 |
|
| 33 |
-- |
| 34 |
________________________________ |
| 35 |
Michael E. Crute |
| 36 |
Software Developer |
| 37 |
SoftGroup Development Corporation |
| 38 |
|
| 39 |
Linux, because reboots are for installing hardware. |
| 40 |
"In a world without walls and fences, who needs windows and gates?" |
Archives