Hi,
I am looking at how to implement VPN but I'm getting confused as to how
IPSec, IKE, OpenSSL, FreeSWAN, racoon etc. all fit into the picture. I
am looking at two scenarios, and I have two questions.
1) Standard IPSec tunnel:
+----+ IPSec/VPN +----+
LAN---| FW |-----------| FW |---LAN
+----+ +----+
In this scenario: Can CARP/pf handle VPN/IPSec connections incase the
master unit fails? (I am assuming that both ends have fixed public
routable ip's).
2) VPN for mobile users
+----+ VPN +-----+
LAN---| FW |-----------| FW? |---[mobile unit]
+----+ +-----+
For mobile users I can't be sure where they are, their ip, or if they
are behind NAT/firewall, nor can I trust the network until the mobile unit.
IPSec breaks behind NAT, are there other altertives than ssh-tunnels I
should take a look at? (which? :-)
Thanks, Erik
--
Ph: +34.666334818 web: www.locolomo.org
S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt
Subject ID: A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22:DE:4C:B9
Fingerprint: 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73:25:67:C2
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
