From owner-freebsd-questions@FreeBSD.ORG Tue Oct 11 15:24:59 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1DE8D16A438 for ; Tue, 11 Oct 2005 15:24:59 +0000 (GMT) (envelope-from freebsd@meijome.net) Received: from sigma.octantis.com.au (ns2.octantis.com.au [207.44.189.124]) by mx1.FreeBSD.org (Postfix) with ESMTP id A385143D46 for ; Tue, 11 Oct 2005 15:24:58 +0000 (GMT) (envelope-from freebsd@meijome.net) Received: (qmail 20120 invoked from network); 12 Oct 2005 01:24:58 +1000 Received: from 203-158-40-103.dyn.iinet.net.au (HELO ?192.168.13.3?) (203.158.40.103) by sigma.octantis.com.au with (DHE-RSA-AES256-SHA encrypted) SMTP; 12 Oct 2005 01:24:57 +1000 Message-ID: <434BD944.6070204@meijome.net> Date: Wed, 12 Oct 2005 01:24:52 +1000 From: Norberto Meijome User-Agent: Mozilla Thunderbird 1.0.7 (Windows/20050923) X-Accept-Language: en-us, en MIME-Version: 1.0 To: nospam@mgedv.net References: <20051011135238.E087E186800@mgedv.at> In-Reply-To: <20051011135238.E087E186800@mgedv.at> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org Subject: Re: encrypted file sharing bsd<-->winxp/2k3 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Oct 2005 15:24:59 -0000 mdff wrote: >>>>VPN is probably your choice. Check out OpenVPN >>>>(http://openvpn.net/) for a portable and relatively >>>>easy-to-setup solution. >>> >>> >>>thx for the hint, but we don't want VPN/tunnels/ipsec >>>solutions for this. >> >>would you mind explaining why not? >> >>(I was going ot suggest SSH forwarding and then your protocol >>of choice, >>but that is a tunnel ). >> > > because one user being authenticated on the windows client > should be able to connect to another network share without > needing to always startup a ipsec-connection, I _think_ that with windows all you have to do is tell the domain to run on ipsec, and once you have the certs installed it's all ready to be used. > authenticate > and re-map the drive (necessary because sometimes windows > does not re-map the drive automatically). still beats me why people insist in using drive letters. a) as you say, when or why they work or dont (their mapping i mean) is another of MS voodoo things; b) why restrict yourself to so few connections ; c) using \\servername\share (or domainanme\\share\ in AD) would be better Shares published via AD is much better - it just works. browse to the server. Anyway, i digress :) > technically the solution would fit, but the admin overhead > would be too much. > understood :) webdav/ssl sounds like a good idea, as per Andrew Gould's email. Beto