Mitch (WebCob) wrote:
> Hey Magne - I agree with you in pricipal - but there are
> different realities - one like Fred seems to be talking about
> - WAP hotspots... would put an unrealistic burden on the
> users to connect if we expect them to configure IPSEC or PPTP
> on their windows boxes so they can surf in my coffee shop.
True, specially for public and ad-hoc WLAN where traffic
passing your firewall is redirected to Internet and only a
few services like http, https, dns and so on are passed.
But the setup of VPN on a windoze box connecting to m0n0wall
PPTP, is really a no-brainer if a quick how-to is given, but
clearly most suitable for home LAN or Company LAN.
The fact that the exact same procedure for connecting
from WAN side of m0n0wall as for the WLAN(or any optional
interfaces), could be another good argument for using it at home...
or at work for that sake...
> There is always a balance of security and usability - if the
> "cost" of security sacrifices to much usability, then it's
> pointless - the system won't be used at all...
As for the security vs. usability, I agree with you.
For a hotspot like you have, IPSEC or PPTP would not