From owner-freebsd-questions@FreeBSD.ORG Sun May 18 22:01:01 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 50B7D106567C for ; Sun, 18 May 2008 22:01:01 +0000 (UTC) (envelope-from steve.lake@raiden.net) Received: from dragoncrest.jasnetworks.net (dragoncrest.jasnetworks.net [69.51.138.187]) by mx1.freebsd.org (Postfix) with ESMTP id 0E7D88FC1C for ; Sun, 18 May 2008 22:01:00 +0000 (UTC) (envelope-from steve.lake@raiden.net) Received: from works.raiden.net (works [192.168.0.3]) by dragoncrest.jasnetworks.net (8.13.1/8.12.8) with ESMTP id m4ILo7YW022846 for ; Sun, 18 May 2008 17:50:07 -0400 (EDT) (envelope-from steve.lake@raiden.net) Message-Id: <5.2.0.9.2.20080518175447.00c41508@192.168.0.30> X-Sender: megosdog@192.168.0.30 X-Mailer: QUALCOMM Windows Eudora Version 5.2.0.9 Date: Sun, 18 May 2008 18:02:14 -0400 To: freebsd-questions@freebsd.org From: Steve Lake In-Reply-To: <1211144026.21260.357.camel@phoenix.blechhirn.net> References: <5.2.0.9.2.20080518145034.00c412a8@192.168.0.30> <5.2.0.9.2.20080518145034.00c412a8@192.168.0.30> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Subject: Re: VPN setup question X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 May 2008 22:01:01 -0000 At 10:53 PM 5/18/2008 +0200, Mister Olli wrote: >first you should consider the following questions: >- what kind of VPN do you wanna use? (SSL or IPSec based) From what I remember of my security training years ago, IPSec was always better. So I'd likely go with that. >- what kind of authentication? (user or certificate based) Definitely user, unless you think certificate is better. >- what kind of traffic do you wanna protect? Everything if possible. Basically I'm trying to create a protected Internet connection by using the VPN to allow me to connect to my vpn server at my home office over an insecure public connection. I would then use that vpn connection to securely securely surf the web from anywhere in the US or the world. >- do you wanna transport data between two host, from host-to-network or >networ-to-network? I'm not sure which would be best. Can you suggest one based on the previous answer? Thanks.