From owner-freebsd-questions@FreeBSD.ORG Tue Jun 17 20:32:53 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F025E37B401 for ; Tue, 17 Jun 2003 20:32:53 -0700 (PDT) Received: from dsl-mail.kamp.net (mail.kamp-dsl.de [195.62.99.42]) by mx1.FreeBSD.org (Postfix) with SMTP id C55B943F3F for ; Tue, 17 Jun 2003 20:32:52 -0700 (PDT) (envelope-from root@pukruppa.de) Received: (qmail 25889 invoked by uid 505); 18 Jun 2003 03:32:53 -0000 Received: from root@pukruppa.de by dsl-mail by uid 502 with qmail-scanner-1.14 (spamassassin: 2.43. Clear:. Processed in 0.178068 secs); 18 Jun 2003 03:32:53 -0000 Received: from unknown (HELO reverse-213-146-114-24.dialin.kamp-dsl.de) (213.146.114.24) by dsl-mail.kamp.net with SMTP; 18 Jun 2003 03:32:52 -0000 Date: Wed, 18 Jun 2003 05:36:11 +0200 (CEST) From: "P. U. Kruppa" To: Bill Moran In-Reply-To: <3EEF7F00.6000101@potentialtech.com> Message-ID: <20030618052616.I668@small.pukruppa.de> References: <20030617004110.05473440.dmp@pantherdragon.org> <3EEF7F00.6000101@potentialtech.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: Darren Pilgrim cc: questions@freebsd.org Subject: Re: Secure tunnel: SSH or SSL or IPsec? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Jun 2003 03:32:54 -0000 On Tue, 17 Jun 2003, Bill Moran wrote: > Darren Pilgrim wrote: > > I need to create a secure connection over the inter between my workstation at > > home and a server I have elsewhere. My workstation is running RELENG_5_0 and > > the server runs RELENG_4_8, both up to date. I need the secure connection to > > occasionally access swat and VNC remotely. You can assume all the ports I'll be > > accessing are local to the server. My workstation is behind a Linksys BEFSR > > router doing NAT with an IPsec passthrough. > > > > What would work best in this situation? > > Just to throw something else into the mix. > > I've used vtun in the ports (net/vtun) with great success. It's fairly easy > to set up and works like a charm. > You can configure it to use any port you want, whatever's available. > It's what I would use if I were in your situation, so I thought I'd recommend it. Just to throw something else ... :-) vtun really works well - as long as both client and server have static IP's . Do you have any idea what can be done if the client has a dynamic IP ? Connecting from client to server always works well. But the other way round my connection breaks after some time and cannot be restablished. Regards, Uli. > > -- > Bill Moran > Potential Technologies > http://www.potentialtech.com > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > +-----------------------------------+ | Peter Ulrich Kruppa | | - Wuppertal - | | Germany | +-----------------------------------+