Am Samstag, den 27.08.2005, 00:32 -0400 schrieb Michael Crute: > On 8/27/05, David Miller <[EMAIL PROTECTED]> wrote: > I've been having alot of luck with openvpn it's ssl based > rather than > ipsec. I have found it to be easier to setup and less > confusing and > it has clients for various platforms including windows...which > is not > always the easiest platform to use IPSEC with unless you go > with a > commercial client. You will need to setup a certificate > authority and > understand the basics of openssl the rest is pretty > simple. It even > works behind a NAT router or firewall. If the vpn connection > is lost > it will re-establish it's connection automatically once it's > routable > again. This works for both dynamic ip clients and even the > server as > long as you're using some sort of deamon to update dyndns > info. > > Are there any security trade-offs with SSL as opposed to IPSEC?
I suggest reading the article "OpenVPN and the SSL VPN Revoultion" on http://openvpn.net/articles.html . You should find all answers there. > > > On 8/26/05, Michael W. Holdeman <[EMAIL PROTECTED]> wrote: > > > I want to be able to access a desktop machine, and most > importantly the bsd > > file server with my laptop, again with a dynamic assigned ip > from remote > > locations. > You can easily configure OpenVPN for such kind of environments. > I know not (naught? :) about the VPN but as far as your dynamic IP > goes I use changeip.com with great success. They are farily cheap and > you can send them a top level domain. The nice part is to update the > DNS records you can download a really simple Bash script and cron it > to make the updates. > > -Mike > > > -- > ________________________________ > Michael E. Crute > Software Developer > SoftGroup Development Corporation > > Linux, because reboots are for installing hardware. > "In a world without walls and fences, who needs windows and gates?" -- Mit freundlichen Grüßen Heinz Sporn SPORN it-freelancing Mobile: ++43 (0)699 / 127 827 07 Email: [EMAIL PROTECTED] [EMAIL PROTECTED] Website: http://www.sporn-it.com Snail: Steyrer Str. 20 A-4540 Bad Hall Austria / Europe -- gentoo-user@gentoo.org mailing list
