On Fri, Jul 25, 2003 at 05:05:53PM -0700, Ben Barrett wrote: > Cory, I think this would be a great idea for a bootable CD-powered wifi > mesh... any problems with that notion? Opportunistic Encryption is only supported by freeswan on linux (according to them). I believe they came up with the idea. While this is fine, there are some DNS requirements. If you control your own dns server and have access to your reverse records, then you can enter in your RSA keys.
As for going without OE, one needs to predefine each connection, not necessarily each IP address. With my vpn clients, I have a public rsa key on the server and on the client (they have eachother's public rsa). Then I tell the server, accept this rsa key. The client is configured the same way. I can then connect from any ip address, even those behind NAT firewalls. One does need a static public server though. This would work on a wireless link, even from a bootable cd image, however the configuration is as static as the cd. Cory -- Cory Petkovsek Adapting Information Adaptable IT Consulting Technology to your (541) 914-8417 business [EMAIL PROTECTED] www.AdaptableIT.com _______________________________________________ EuG-LUG mailing list [EMAIL PROTECTED] http://mailman.efn.org/cgi-bin/listinfo/eug-lug
