On 1/18/06, Hans-Joerg Hoexer <[EMAIL PROTECTED]> wrote: > On Wed, Jan 18, 2006 at 11:20:55AM +0100, Joachim Schipper wrote: > Forget about openvpn, there's no need to fiddle around with third > party stuff. OT: OpenVPN has its purposes, though this particular scenario shouldn't be one of them. On several occasions, I have run into scenarios where connectivity was limited, ALL IPs were behind NAT, endpoint IPs changed often and only specific TCP/UDP ports were permitted. (Many times in an attempt to specifically thwart IPSEC.) OpenVPN has proved robust and reliable in those environments.
> Just make sure to take a look at vpn(8). If ipsec does not suit > your needs, take a look at tunneling using ssh(1) "-w". Unfortunately, while I love the flexibility of SSH tunneling, I would still consider it an ad-hoc solution for most, a massive drawback being that it tunnels over TCP.
