I would like to connect two locations via a virtual private network
(VPN).
The two locations have private nets based on tcp/ip with private
ip-addresses (192.168.x.x). Both locations are connected to the internet
by a Linux-Firewall.
For VPNs, Linux offers the IP-tunneling facility (which seems to work).
Now we are discussing the security of this solution. It seems safe for
us because:
- the VPN connection is possible only between the two locations
(static ip-addresses; because of the routes)
- sniffing our transmitted data is very hard, because the "sniffer"
has to have access to one of the lines between the router and
gateways (of the net carrier)
Do you think the given analysis is correct? Where do we fail?
But - assuming our risk analysis is correct - we would
like to enlarge the security by encrypting the packets.
Is someone implementing an encryption algorithm (or has someone implemented one)?
If not, which algorithm should be used for such a task?
Any comment is appreciated,
Jürgen.