Hi, I am looking at how to implement VPN but I'm getting confused as to how IPSec, IKE, OpenSSL, FreeSWAN, racoon etc. all fit into the picture. I am looking at two scenarios, and I have two questions.
1) Standard IPSec tunnel: +----+ IPSec/VPN +----+ LAN---| FW |-----------| FW |---LAN +----+ +----+ In this scenario: Can CARP/pf handle VPN/IPSec connections incase the master unit fails? (I am assuming that both ends have fixed public routable ip's). 2) VPN for mobile users +----+ VPN +-----+ LAN---| FW |-----------| FW? |---[mobile unit] +----+ +-----+ For mobile users I can't be sure where they are, their ip, or if they are behind NAT/firewall, nor can I trust the network until the mobile unit. IPSec breaks behind NAT, are there other altertives than ssh-tunnels I should take a look at? (which? :-) Thanks, Erik -- Ph: +34.666334818 web: www.locolomo.org S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt Subject ID: A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22:DE:4C:B9 Fingerprint: 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73:25:67:C2 _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"