<< | Thread Index | >> ]    [ << | Date Index | >> ]


>> c) L2TP + IPSEC. Ok if all you are going to use for your network
>> infrastructure is Windows 2000 and (expensive) Cisco gear.
>
>Do you have to use expensive Cisco gear ?
>Can cheap Linux based equivalents be used ???
>

Yeah, if someone is willing to write it. Remember, even though L2TP is
described by RFC, Cisco and Microsoft did it for themselves. I don't know
if anyone else has implemented it yet (according to their specs, which are
not necessarily the same as the RFC's)

>
>Some people believe that *NO* network traffic should get through to the
local
>network unless it has been authenticated/secured.
>

I'm one of those people.

>
>Are these are session keys you are talking about, rather than master keys.
>Master keys are manually entered at both ends aren't they ?
>Can RSA be used or some kind of certificate system to exchange initial
master
>keys and initial session keys ?
>

Yeah. That's an approach that could work. I think that Olaf is more adept
at that kind of thing than I, though. Here at work we've chatted about
using S/Key or some such facility to manage the "master" static keys for
our own purposes.

>Thanks,
>Brendan Simon.

Anytime dude. Now, back to coding

Damion K. Wilson





<< | Thread Index | >> ]    [ << | Date Index | >> ]