Opinion: Best VPN to use with Fedora/Windows

[Leonard Isham]

On Mon, 10 Jan 2005 12:01:32 -0700, Kevin Fries <Kevin at hcico.com> wrote:
[snip]
> OK, maybe I am simplifying things a bit more than I should be, so let me
> ask:
> 
> My conceptual understanding of VPN was that computerA needs access to
> NetworkB as if it were located on the physical network even though it is
> somewhere else.  ComputerA contacts NetworkB which assigns ServerC to
> ask as a proxy.  All traffic destined for NetworkB from ComputerA is
> Sent from A->C, ServerC retransmits the request, receives the answer,
> then relays it back C->A.  This allows A to appear to be on the network.
> ~ If ServerC was to manage up to 10 VPN connections, it would need 10 or
> 11 (if it also had other duties as itself) IP addresses with each remote
> client having a unique IP.

A VPN is using a shared media to create a private connection.  This
could be bridged or routed.

> Now I can see how that could appear as a goofy type of router or more
> specifically a bridge.  Its actually more of a proxy, but at a basic
> level all proxies are actually routers.  And a bridge is simply a router
> where the network address is the same on both sides.
> 
> When they were talk about bridging, I assumed that they were talking
> about the proxy.  So when you talk about how you avoid bridging, how is
> my understanding of VPN's shortsighted?  What other options are there?

If you don't control the routing then I would use TUN (Routing) and
NAT to bypass any internal routing issues.

-- 
Leonard Isham, CISSP 
Ostendo non ostento.