Hello Jason, hard to give a good answer without more details but if you are telneting or copying files etc then SSH might be a solution. SSH is available for all systems.
PGPvpn will work on Windows systems and is compatible with 2000 VPN IPSec setup. Sets up a seamless VPN that is transparent to the end user. Kerberos on Windows will work across the board only if the Windows box is the server for Kerberos. Windows will support Unix kerberos clients but not recognise a kerberos unix server. To directly answer you final question: YES it is possible and in many cases recommended. Steps I would personally go with is Windows 2000 servers user their IPSec builtin solution. NT Servers get PGPvpn and then clients get PGPvpn if they are not windows 2000. Unix boxes will use whatever IPSec implementation works best on them. All is compatible and should be transparent to the end user. Tough enough to setup but certainly possible. Good Luck. Trevor p.s. The VPN side I am sure of as I have set it up already, working nicely too. The Kerberos I am in the middle of and Microsoft documents and Linux documents are what I am going by so I am open for correction there. -----Original Message----- From: Jason Lewis [mailto:[EMAIL PROTECTED]] Sent: 03 March 2002 06:05 To: [EMAIL PROTECTED] Subject: Alternatives to Kerberos I have been tossing around the idea of encrypting all my LAN traffic. I have several Wireless Access Points that started me down this path. Cisco is pushing VPN's for all wireless clients. So I started thinking..... Kerberos will do this, but I think trying to get Windows 2K, Linux, Solaris, etc. all on the same page will be a superhuman feat. What about IPSec? I could setup VPN's for each server-to-client and server-to-server, but that seems like a kludge. Is anyone aware of software that will automatically negotiate a tunnel between boxes? I am leaning towards IPSec, but will consider anything. I am not looking at hardware right now, which may be the only solution. In a nutshell, I want end to end encryption on my local net.....possible? Jason Lewis http://www.packetnexus.com It's not secure "Because they told me it was secure". The people at the other end of the link know less about security than you do. And that's scary. ****************************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this message in error please notify SYSNET Ltd., at telephone no: +353-1-2983000 or [EMAIL PROTECTED] ******************************************************************************
