Date: Fri, 8 Feb 2002 11:02:41 -0500 From: David Gilbert <dgilbert@velocet.ca> To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> Cc: "James F. Hranicky" <jfh@cise.ufl.edu>, security@FreeBSD.ORG Subject: [security] Questions (Rants?) About IPSEC Message-ID: <15459.63137.108296.892211@trooper.velocet.net> In-Reply-To: <200202072142.g17LgDL69359@khavrinen.lcs.mit.edu> References: <20020207163347.51C606B29@mail.cise.ufl.edu> <200202072142.g17LgDL69359@khavrinen.lcs.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
>>>>> "Garrett" == Garrett Wollman <wollman@khavrinen.lcs.mit.edu> writes: Garrett> <<On Thu, 07 Feb 2002 11:33:47 -0500, "James F. Hranicky" Garrett> <jfh@cise.ufl.edu> said: >> After reading up on IPSEC, I have one major question: Is it really >> a good protocol? Garrett> No, but it's the best one we've got. I've been keen on IPSec for some time ... I've even had it running between selections of hosts, but I havn't been able to set up two scenarios that would make it actually useful to me: 1) Wireless DHCP laptop <-- tunnel mode --> gatewaybox 2) Home box on Cable Modem (DHCP) <-- tunnel mode --> office The basic blocking point is that none of the HOWTO's written on the subject say anything about dynamic clients. I would really like to see a HOWTO (from someone working on this stuff) that assumes the client is roaming. Dave. -- ============================================================================ |David Gilbert, Velocet Communications. | Two things can only be | |Mail: dgilbert@velocet.net | equal if and only if they | |http://daveg.ca | are precisely opposite. | =========================================================GLO================ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15459.63137.108296.892211>