[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Completely transparent VPN between NATed sites

On Thu, 2003-08-21 at 10:36, Stefan Sczekalla wrote:
> Hi Jason,
> Hmmm not for beeing paranoid, but until today I thougt, that its a
> good/usual practice to have a two-stage-firewall.
> first stage does filter, second stage contains the so called application
> level gateways ( e.g. Web server, vpn-gw, mail server ).

Who taught you that IPsec occurred at the application layer?  I want
some of whatever they're taking.

> ... and well, I really tried hard, but exchange wont install at my OpenBSD
> box.
> ( ok i was not my desiction to use Exchange - but nevertheless i have to ...
> )

Uh, yeah.

> so I wouldn`t treat using a non single box-solution as an beginners mistake.

If you only knew.

Jason Dixon, RHCE
DixonGroup Consulting