Thanks Vanhu: could you give me some tips on this knowhow?
--- VANHULLEBUS Yvan <[EMAIL PROTECTED]> wrote: > > IPsec with dynamic remote IPs is not as difficult, > especially with > racoon's generate_policy option, but you'll need to > know what you are > doing: Aggressive mode + PSK is known to be less > secure than other > modes, Main mode + PSK can't be done with remote > dynamic IPs, and Main > mode + X509 certificates need to have some X509 > certificates > knowledge... > > > But it CAN be done, it is probably NOT the most easy > way of doing > things, but it is probably the most secure, the most > interoperable and > the most "easy" to administrate when it's in > production... > > > Yvan. > > -- > NETASQ - Secure Internet Connectivity > http://www.netasq.com > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to > "[EMAIL PROTECTED]" > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[EMAIL PROTECTED]"