Secure tunnel: SSH or SSL or IPsec?
Bill Moran
wmoran at potentialtech.com
Tue Jun 17 21:31:40 PDT 2003
P. U. Kruppa wrote:
> On Tue, 17 Jun 2003, Bill Moran wrote:
>
>>Darren Pilgrim wrote:
>>
>>>I need to create a secure connection over the inter between my workstation at
>>>home and a server I have elsewhere. My workstation is running RELENG_5_0 and
>>>the server runs RELENG_4_8, both up to date. I need the secure connection to
>>>occasionally access swat and VNC remotely. You can assume all the ports I'll be
>>>accessing are local to the server. My workstation is behind a Linksys BEFSR
>>>router doing NAT with an IPsec passthrough.
>>>
>>>What would work best in this situation?
>>
>>Just to throw something else into the mix.
>>
>>I've used vtun in the ports (net/vtun) with great success. It's fairly easy
>>to set up and works like a charm.
>>You can configure it to use any port you want, whatever's available.
>>It's what I would use if I were in your situation, so I thought I'd recommend it.
>
> Just to throw something else ... :-)
> vtun really works well - as long as both client and server have
> static IP's .
> Do you have any idea what can be done if the client has a dynamic
> IP ? Connecting from client to server always works well. But the
> other way round my connection breaks after some time and cannot
> be restablished.
I haven't had any problem with this, since I've never had the need
to connect from server to client. All sessions were initiated from
the client.
I don't know of a clean solution to allow you to connect to an IP
that keeps changing, for any type of VPN software.
--
Bill Moran
Potential Technologies
http://www.potentialtech.com
More information about the freebsd-questions
mailing list