<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
 <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.21">
 <TITLE>Secure Boot CDs for VPN HOWTO: Advanced Issues</TITLE>
 <LINK HREF="Secure-BootCD-VPN-HOWTO-7.html" REL=next>
 <LINK HREF="Secure-BootCD-VPN-HOWTO-5.html" REL=previous>
 <LINK HREF="Secure-BootCD-VPN-HOWTO.html#toc6" REL=contents>
</HEAD>
<BODY>
<A HREF="Secure-BootCD-VPN-HOWTO-7.html">Next</A>
<A HREF="Secure-BootCD-VPN-HOWTO-5.html">Previous</A>
<A HREF="Secure-BootCD-VPN-HOWTO.html#toc6">Contents</A>
<HR>
<H2><A NAME="s6">6.</A> <A HREF="Secure-BootCD-VPN-HOWTO.html#toc6">Advanced Issues</A></H2>

<P>I believe that the majority of security and ease of use issues are dealt with by the technologies I have described here.  Certainly there are many issues that this technology could expose (mostly internal political or policy issues within your own institution). </P>
<P>If you discover any flaws in the technology.  Please contact me about it.</P>
<P>Also, if you can explain the proper pf rules to get *bsd to properly forward (masquerade the 10. network) packets to Internet-routed network segments on the internal side of the VPN, I would definitely like to hear from you.  I could not get it to work, whereas the Linux masquerading rule I found just works.</P>

<HR>
<A HREF="Secure-BootCD-VPN-HOWTO-7.html">Next</A>
<A HREF="Secure-BootCD-VPN-HOWTO-5.html">Previous</A>
<A HREF="Secure-BootCD-VPN-HOWTO.html#toc6">Contents</A>
</BODY>
</HTML>