Date: Thu, 24 Feb 2000 15:40:16 +0000 From: David Pick <D.M.Pick@qmw.ac.uk> To: Damien Tougas <damien@tougas.net> Cc: freebsd-security@freebsd.org Subject: Re: SSH port forwarding Message-ID: <E12O0NE-0005Pe-00@xi.css.qmw.ac.uk> In-Reply-To: Your message of "Thu, 24 Feb 2000 07:50:32 MST." <20000224075032.A4699@tougas.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> This seems like an easy way to set up a VPN. The box is both doing > NAT and the VPN, and hence makes it easy to use it as both an > internet gateway as well as a VPN. I have heard this method referred > to as a poor man's VPN, why? Are there better/more preferred > methods of setting up a VPN? SKIP or IPSEC? Why would I want to > use one of those instead? Would I need two boxes to achieve the same > functionality? SSH is: 1) reliable now 2) available now 3) easier to set up in small/simple cases 4) available on multiple platforms 5) doesn't "do" UDP &c without extra code IPSEC is: 1) better (more thought) designed 2) more extensible and scales better 3) harder to set up in simple/small cases 4) not so easily available/installed 5) does all IP packet types, not just TCP 6) probably the future especially with IPv6 SKIP is: 1) unknown to me except by reputation -- David Pick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E12O0NE-0005Pe-00>