<< | Thread Index | >> ]    [ << | Date Index | >> ]

>> c) L2TP + IPSEC. Ok if all you are going to use for your network
>> infrastructure is Windows 2000 and (expensive) Cisco gear.
>Do you have to use expensive Cisco gear ?
>Can cheap Linux based equivalents be used ???

Yeah, if someone is willing to write it. Remember, even though L2TP is
described by RFC, Cisco and Microsoft did it for themselves. I don't know
if anyone else has implemented it yet (according to their specs, which are
not necessarily the same as the RFC's)

>Some people believe that *NO* network traffic should get through to the
>network unless it has been authenticated/secured.

I'm one of those people.

>Are these are session keys you are talking about, rather than master keys.
>Master keys are manually entered at both ends aren't they ?
>Can RSA be used or some kind of certificate system to exchange initial
>keys and initial session keys ?

Yeah. That's an approach that could work. I think that Olaf is more adept
at that kind of thing than I, though. Here at work we've chatted about
using S/Key or some such facility to manage the "master" static keys for
our own purposes.

>Brendan Simon.

Anytime dude. Now, back to coding

Damion K. Wilson

<< | Thread Index | >> ]    [ << | Date Index | >> ]