Re: [gnome-network]Re: gnome-network VPN client
- From: Paul Coates <Paul Coates ncl ac uk>
- To: rodrigo gnome-db org, chbm gnome org, gnome-network-list gnome org
- Subject: Re: [gnome-network]Re: gnome-network VPN client
- Date: Wed, 29 Oct 2003 14:32:36 +0000
On Wed, 2003-10-29 at 13:24, Rodrigo Moya wrote:
> On Wed, 2003-10-29 at 11:36, Paul Coates wrote:
> > On Tue, 2003-10-28 at 23:17, Carlos Morgado wrote:
> > > On Mon, 27 Oct 2003 11:29:48, Paul Coates wrote:
> > >
> > > > I always considered VPN to be similar to dialup, both provide a new
> > > > network interface with an IP address on the remote network, and you need
> > > > to setup your routing to play nice with the other network interfaces.
> > >
> > > iirc frees/wan doesn't provide a network device.
> > VPN using PPTP and IPSec are two different animals, I should have said
> > VPN using PPTP. PPTP uses PPP and creates new interfaces, from what I
> > can tell IPSec does it's own thing on top of IP.
> hmm, does this mean we might have to provide a VPN/PPTP setup in GST and
> a IPSEC setup in gnome-network? How does IPSEC work? Does it still need
> root access?
The best place for both is the same place you configure your network
interfaces, in gnome-setup-tools. I think users would expect to find
them together in the same client program as their network setup.
I have not looked at IPSec much but it is basically a wrapper around IP
network packets. It uses a kernel module which intercepts each packet
and decides what to do with it based on a security policy database.
Packets are either passed through untouched or encrypted and a new
packet header attached. The policy is based on source/destination IP and
port numbers just like a firewall. I don't know if it needs root to run
ipsec, I've never used it, but I would think so.
Computing Officer - Networks
] [Thread Prev