Date: Thu, 8 May 2003 13:39:43 -0700 From: Michael Collette <metrol@metrol.net> To: FreeBSD Security <freebsd-security@FreeBSD.org> Subject: Re: VPN through BSD for Win2k, totally baffled Message-ID: <200305081339.43667.metrol@metrol.net> In-Reply-To: <20030508122637.GA97715@madman.celabo.org> References: <200305071921.33596.metrol@metrol.net> <20030508122637.GA97715@madman.celabo.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thursday 08 May 2003 05:26 am, Jacques A. Vidrine wrote: > It's hard to tell from your message where you are getting lost, but I'll > give it a shot. Assuming you have all your certificates (let's call > them client.crt/client.key, server.crt/server.key, and ca-local.crt): Took me a while to figure out how to even ask the question! After heading down a bunch of dead ends and all. A couple of follow up questions to this. If I go the route of handing out certificates to end users, is there a mechanism for revoking their rights to enter? Employees do get other jobs, and almost all of them are using laptops which they travel with. We've had folks get laptops stolen. Is the cert an all or nothing kinda deal. For instance, I need a different level of access than a salesperson. We have a programmer who needs access to different resources than myself or sales. All of these outside folks are on dynamic IPs. With these additional needs in play am I still wise to head down the road of IPSec certificates? Later on, -- "Outside of a dog, a book is man's best friend. Inside of a dog, it's too dark to read." - Groucho Marx
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200305081339.43667.metrol>