> I don't know about the Small Office version, but the big one certainly
can't
> compete with OpenBSD on price though!
>
> (Unless you count your time developing the expertise to configure it
> properly as valuable - that's a hard one to quantify).

ipf is pretty trival to use and in terms of straight out IP-IP non-NAT,
openbsd IPSec/IKE/X.509 is pretty trival to get going.

> Whatever...terminating the IPSec tunnel at the router does get around the
> problem with NAT and Authentication headers.

Yes. Shame about the lack of a bridging. Depending on what happens at Mt.
Maunganui I've got 2-3 DSL and 2 cable connections. Usual cheap as possible
solution required. ;)

I might expt again with openbsd 2.8 IPSec when it comes out, since I had no
love with 2.7 and the M10/5.3.0R2.

Nicholas

This message is part of the NZ Broadband mailing list.
see http://unixathome.org/adsl/ for archives, FAQ,
and various documents.
To unsubscribe: send mail to majordomo@unixathome.org
with "unsubscribe adsl" in the body of the message
Received on Mon Oct 16 16:34:23 2000