From: dzabel@snafu.de   
      
   Hi,   
   at first, i must admit I have no experience with vpn; so please bear   
   with my possibly stupid question...   
   My company needs remote support from our vendor of erp software. This   
   could be done by using a vpn tunnel. The problem we are faced with: our   
   internet connection does not give us a static ip address; instead the ip   
   number changes on every new connection (normaly once per day, not an   
   unsual setup). I thought, this should not be a problem; we could   
   register a name at dyndns.org (for example), so we are reachable by a   
   fixed dns address. Unfortunately, the erp software vendor insists on   
   having us a static ip; they claim it's a security risk to use a name by   
   a dyndns service as they could not be sure the ip number is really   
   correct (no reverse lookup possible). This is a problem for us; we would   
   need to change the contract with our internet provider and it would be a   
   lot more expensive.   
   Now my question: Is this really so? Would not the vpn authentification   
   and encryption prevent any attempt to spoof the identity of either side   
   even assumed they did indeed build a wrong connection to some evil   
   party? Or are the concerns of the erp compony well founded (maybe some   
   man-in-the-middle attack could be started)?   
   Thanks in advance   
   -- Dirk   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)