<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <HTML> <HEAD> <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.21"> <TITLE>Secure Boot CDs for VPN HOWTO: Advanced Issues</TITLE> <LINK HREF="Secure-BootCD-VPN-HOWTO-7.html" REL=next> <LINK HREF="Secure-BootCD-VPN-HOWTO-5.html" REL=previous> <LINK HREF="Secure-BootCD-VPN-HOWTO.html#toc6" REL=contents> </HEAD> <BODY> <A HREF="Secure-BootCD-VPN-HOWTO-7.html">Next</A> <A HREF="Secure-BootCD-VPN-HOWTO-5.html">Previous</A> <A HREF="Secure-BootCD-VPN-HOWTO.html#toc6">Contents</A> <HR> <H2><A NAME="s6">6.</A> <A HREF="Secure-BootCD-VPN-HOWTO.html#toc6">Advanced Issues</A></H2> <P>I believe that the majority of security and ease of use issues are dealt with by the technologies I have described here. Certainly there are many issues that this technology could expose (mostly internal political or policy issues within your own institution). </P> <P>If you discover any flaws in the technology. Please contact me about it.</P> <P>Also, if you can explain the proper pf rules to get *bsd to properly forward (masquerade the 10. network) packets to Internet-routed network segments on the internal side of the VPN, I would definitely like to hear from you. I could not get it to work, whereas the Linux masquerading rule I found just works.</P> <HR> <A HREF="Secure-BootCD-VPN-HOWTO-7.html">Next</A> <A HREF="Secure-BootCD-VPN-HOWTO-5.html">Previous</A> <A HREF="Secure-BootCD-VPN-HOWTO.html#toc6">Contents</A> </BODY> </HTML>