dns interceptors

charles at knownelement.com charles at knownelement.com
Mon Feb 15 03:16:33 UTC 2010

Not familiar with --outform argument. Will have to look into it. 

Presume you are doing site to site/network to network? Or are you setting this up for end users to terminate to?

I've done the latter many many times, but not net to net. Happy to provide docs if you/nanog like. 

I think that everyone should run a vpn to secure remote access to  services  they are operating. 

You integrating this with an existing ski infrastructure? If so is it openssl based?
Or maybe ad based? 

Lots of openvpn variables.... Might be worth starting a new thread on the subject. As I said, I feel its vital for folks to have a deep familiarity with openvpn and best practices etc. 

------Original Message------
From: Randy Bush
To: Charles Wyble
Cc: nanog at nanog.org
Subject: Re: dns interceptors
Sent: Feb 14, 2010 7:10 PM

> I run openvpn on my linux box to do exactly that.

i am in the midst of setting up some openvpn servers now, westin,
ashburn, tokyo, but westin first.  having problems sorting in what
--outform it wants the bleeping certs.


Sent via BlackBerry from T-Mobile

More information about the NANOG mailing list