[ale] IPSec question
Christopher Fowler
cfowler at outpostsentinel.com
Tue Jul 20 11:58:10 EDT 2004
On Tue, 2004-07-20 at 11:37, Geoffrey wrote:
> Christopher Fowler wrote:
> > On Tue, 2004-07-20 at 11:19, Geoffrey wrote:
> >
> >>Christopher Fowler wrote:
> >>
> >>>I have no control over the firewall device. I never even see it. some
> >>>of these networks are very large. They do not belong to me.
> >>
> >>Then you are at their mercy. ssh or ipsec will both require proper
> >>handling through a firewall.
> >>
> >
> >
> > SSH usually works fine. Anything with TCP usually works fine.
>
> Because they are supporting the service. Again, you're at their mercy.
> Most companies don't permit just anyone vpn type connectivity. Since
> you don't 'manage' the firewall in question, you'll have to work with
> each company to get ipsec connectivity.
What I make sure is that nothing has to be special for IPSec if the
firewall an pass through my tcp packets from inside can it pass through
the IPSec packets.
In a TUN device the connections are usually made from each point and
meet in the middle. If the client initiates the IPSec connection then
everything should work. Currently now I use VTUN to make all my
connections but VTUN is Linux specific.
More information about the Ale
mailing list