--- Matthew Palmer <[EMAIL PROTECTED]> wrote: > [No Cc as per list policy, please] > > On Fri, Dec 17, 2004 at 03:51:40PM -0800, Mike Mestnik wrote: > > --- Matthew Palmer <[EMAIL PROTECTED]> wrote: > > > 1) IPSec. Large, clunky, and complex, but the "gold standard" for > VPN > > > systems. Common implementations for Linux currently require the > > > endpoint to > > > be on the periphery of the protected subnet, not inside it (and it > shits > > > me > > > to tears). Windows support available but a little fiddly. > > > > > http://www.sandelman.ottawa.on.ca/ipsec/1998/06/msg00122.html > > Private addresses > > on the Intranet can be handled by using NAT (network address and > > port translation) or dynamically assigning the remote host an > > internal address (as described in the ISAKMP configuration draft). > > In what way does NAT-T relate to what I was talking about? > <IP for remote computer using Ipsec> SNAT to <Any IP, including one on the internel network>
> - Matt > > ATTACHMENT part 2 application/pgp-signature name=signature.asc __________________________________ Do you Yahoo!? Dress up your holiday email, Hollywood style. Learn more. http://celebrity.mail.yahoo.com