Re: not vpn just a remote desktop client VPN

[Guy Rouillier <guy-rouillier speakeasy net>]

Rob Crittenden wrote:

> On Thu, 4 Dec 2003, Guy Rouillier wrote:
>
> > Mark Knecht wrote:
> >
> > > A VPN is HOW we get
> > > through the firewall legally via port 22.
> >
> > Not exactly.  22 is the default port for ssh.  ssh, as used in this 
> > thread, can be thought of as encrypted telnet, though ssh can do much 
> > more.  ssh != vpn.  Once you have a VPN established, you can use an ssh 
> > application to open up a terminal session to a system at work, just like 
> > you do when you are at work (assuming you use terminal sessions at work, 
> > if not, sorry for the added confusion).  VPNs will use some negotiated 
> > port, e.g., 1582, as the secure communications channel between your home 
> > system and your work VPN server, but it will never use one of the 
> > well-known ports (like 22 for ssh or 21 for ftp).
>
>
> I should point out that you can run ppp over ssh and get a VPN that way.

Rob, sorry, I'm not following your point.  Many secure environments 
(definitely where I work) don't allow ssh connections from outside the 
secure network.  So you need the VPN connection before you can run ssh.

> You can also do local port-forwarding which is sort of a poor-man's VPN.
> For just reading remote e-mail most people could get away with just
> forwarding ports 110 (or 143 for imap) and 25.

Again, I'd like to understand this idea.  If I've got to establish a VPN 
before doing anything, what is port forwarding going to do for me?

> rob


--
Guy Rouillier