On 7/15/2011 2:44 AM, Lance Corrimal wrote: > > how does that works in a http-proxy-only network? >
if it's locked down that tight, with only http connections allowed outbound and all those forced to go via proxy then of course it doesnt. But all you need is ONE outbound service that can avoid the proxy - I've had best results setting the vpn endpoint to use the https port, but if necessary, all you need is outbound ssh whether its proxied or not - you can "add a layer" and tunnel a ssl-based vpn over that. I know "tunneling a tunnel" isnt exactly best practice, and theoretically you could just tunnel the SL ports with ssh alone but the advantage of using a vpn is that it appears as a separate network interface to the local machine and it's therefore easier to route the LL public subnets traffic through it reliably. It's always easier to poke holes in a firewall or proxy from the inside out, they are designed to prevent unpleasantness coming the other way :) _______________________________________________ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
