Per Jessen wrote:
Sure, if you're not interested in what happens in the not to distant
future.
I'm primarily interested in the bottom line; what happens in the near future might well affect that, but I don't see it affecting my use of NAT on my local networks.
You have a new customer, who finds they can only get a NAT address from the ISP. They also want VPN access to their network. How would you arrange that? If they get a real IP address and use NAT internally, you could still run a VPN to their firewall, but what if they want to have VPNs directly to computers behind their firewall? Now things start to get messy. As I've mentioned in another note, NAT rules out IPSecauthentication headers. This means that even if a company has a real address, where the vpn terminates and you want to connect from home, where you use NAT, you can't use that security feature. Perhaps NAT is fine for you right now, but what happens tomorrow when you want to use something that fails with NAT? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org