--- Joachim Schipper <[EMAIL PROTECTED]> wrote: > There is something in the archives about usable > IPsec clients for > Windows. The built-in one certainly isn't.
ok. good to know. > This shouldn't be too difficult. Start by installing > -current, which has > a very neat new configuration interface - > ipsec.conf(5). (Of course, > you also get the newest and most shiny bugs.) > sorry. got to go with the stable branch (3.9). > to the VPN box. The only real problem you are going > to run into is if > subnet C overlaps with a network the client is > already connected to, actually, client connects to a public network and doesn't overlaps with destinatio subnet (C), and I want its VPN interface to "put" the client as close as possible to destination subnet (C). Putting the client's VPN interface directly to destination subnet (C) would be the most preffered solution. > however, since you mentioned 'public subnet', it > might be using public > IPs, in which case this won't be a problem. > > > Alternately, for a more shiny, more > firewall-friendly, but less > efficient protocol and not quite as secure an > implemenation, try > OpenVPN. It runs on Windows, Mac OS X, and (most?) > POSIX-compliant > systems that have tap/tun devices. OK but do OpenVPN connections survive NAT ? It is possible for some client addresses to be private and then translated through NAT to reach the internet. Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
