Re: IPsec vs ssh

To: christos%zoulas.com@localhost (Christos Zoulas), John Nemeth <jnemeth%cue.bc.ca@localhost>, tech-net%netbsd.org@localhost
Subject: Re: IPsec vs ssh
From: John Nemeth <jnemeth%cue.bc.ca@localhost>
Date: Mon, 11 Nov 2013 17:32:00 -0800

On Nov 11,  5:33pm, Christos Zoulas wrote:
} On Nov 11,  2:18pm, jnemeth%cue.bc.ca@localhost (John Nemeth) wrote:
} 
} | } I beg to differ. I am using xl2tpd (from pkgsrc) with IPSEC/NAT-T
} | } to provide an L2TP gateway for my iphone and MacOS/X box and it works
} | } just fine (under /current). I bet android and windows are simple to
} | } get working too.
} | 
} |      This sound like the NetBSD side has a public address and is
} | acting as the "server".  What happens if the NetBSD side has a
} | private address?
} 
} I will try and let you know. You want the NetBSD side to be behind NAT,
} and NetBSD to be initiating the connection, right?

     Yep.  Would be kind of hard for the other side to initiate
the connection.  :->  Of course, Darren said he was using KAME,
and you would be using FAST_IPSEC given that KAME was removed from
-current.  So even if your test passes (which would be good news),
it doesn't mean that Darren's setup would work.  I could update my
laptop and try, but it would probably be a few days for me to build,
install, and test.

}-- End of excerpt from Christos Zoulas

References:
- Re: IPsec vs ssh
  - From: Christos Zoulas

Prev by Date: Re: IPsec vs ssh
Next by Date: Re: IPsec vs ssh
Previous by Thread: Re: IPsec vs ssh
Next by Thread: Re: IPsec vs ssh
Indexes:

Home | Main Index | Thread Index | Old Index