tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: IPsec vs ssh

On Nov 11,  5:33pm, Christos Zoulas wrote:
} On Nov 11,  2:18pm, (John Nemeth) wrote:
} | } I beg to differ. I am using xl2tpd (from pkgsrc) with IPSEC/NAT-T
} | } to provide an L2TP gateway for my iphone and MacOS/X box and it works
} | } just fine (under /current). I bet android and windows are simple to
} | } get working too.
} | 
} |      This sound like the NetBSD side has a public address and is
} | acting as the "server".  What happens if the NetBSD side has a
} | private address?
} I will try and let you know. You want the NetBSD side to be behind NAT,
} and NetBSD to be initiating the connection, right?

     Yep.  Would be kind of hard for the other side to initiate
the connection.  :->  Of course, Darren said he was using KAME,
and you would be using FAST_IPSEC given that KAME was removed from
-current.  So even if your test passes (which would be good news),
it doesn't mean that Darren's setup would work.  I could update my
laptop and try, but it would probably be a few days for me to build,
install, and test.

}-- End of excerpt from Christos Zoulas

Home | Main Index | Thread Index | Old Index