Re: [Ekiga-list] Ekliga Encryption.



On Sun, 26 Dec 2010, Sergei Steshenko wrote:

However, if you and the person at the other end are
able to install and configure openvpn, then just connect to
them
directly over the vpn tunnel, using the private IP if you
don't have DNS

I am not sure OpenVPN works in case _both_ parties are behind a firewall.

If I understand correctly, if both parties are behind a firewall, a STUN
server is necessary, and even with STUN server success depends on firewall
type.

OpenVPN works perfectly well behind firewall - you can use any port.  It also
works behind NAT if either party is knowlegeable enough to inform the
other of their (temporary) public IP.  Dynamic DNS works for this as well
(see for example no-ip.com).  (And I'm not aware of openvpn being able to use
STUN.)  In my case, I cheat and use my home server as an OpenVPN concentrator
since it has cable, which has long lived IPs.  Each friend and family
member has their own key, which is assigned a permanent private ip.

The VPN network extends to other VPNs as well via gateways.  I see this
being the future of the internet, since it is the only way for most of us
to get started with IPv6.

--
	      Stuart D. Gathman <stuart bmsi com>
Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]