[Vpn-help] Hopefully the final 1.1 RC release ...
Peter Eisch
peter at boku.net
Wed Sep 27 20:45:05 CDT 2006
Yeah! I'm up with Hybrid after using local id of IP/Any. I'm still fuzzy
on what I thought Hybrid was supposed to be. I thought:
Server: offers cert and doesn't give a hoot about who the client is
Client: ensures that the server cert was signed by the ca.crt
selected
They both then use the crypto that the server offers and go on living
happily ever after. The auth that determines the success of the company
comes in the credentials (login/passwd) offered. It's less secure than
other forms, but that's the beauty for roadwarriors.
Then again, maybe I'm wrong.
I'll test some more with this if kids stop tramping on my network cable.
peter
More information about the vpn-help
mailing list