Re: [gnome-network]Re: gnome-network VPN client

On Wed, 2003-10-29 at 13:24, Rodrigo Moya wrote:
> On Wed, 2003-10-29 at 11:36, Paul Coates wrote:
> > On Tue, 2003-10-28 at 23:17, Carlos Morgado wrote:
> > > On Mon, 27 Oct 2003 11:29:48, Paul Coates wrote:
> > > 
> > > > I always considered VPN to be similar to dialup, both provide a new
> > > > network interface with an IP address on the remote network, and you need
> > > > to setup your routing to play nice with the other network interfaces.
> > > 
> > > iirc frees/wan doesn't provide a network device.
> > 
> > VPN using PPTP and IPSec are two different animals, I should have said
> > VPN using PPTP. PPTP uses PPP and creates new interfaces, from what I
> > can tell IPSec does it's own thing on top of IP.
> > 
> hmm, does this mean we might have to provide a VPN/PPTP setup in GST and
> a IPSEC setup in gnome-network? How does IPSEC work? Does it still need
> root access?

The best place for both is the same place you configure your network
interfaces, in gnome-setup-tools. I think users would expect to find
them together in the same client program as their network setup.

I have not looked at IPSec much but it is basically a wrapper around IP
network packets. It uses a kernel module which intercepts each packet
and decides what to do with it based on a security policy database.
Packets are either passed through untouched or encrypted and a new
packet header attached. The policy is based on source/destination IP and
port numbers just like a firewall. I don't know if it needs root to run
ipsec, I've never used it, but I would think so.


Paul Coates
Computing Officer - Networks
Newcastle University

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]