Hi, at first, i must admit I have no experience with vpn; so please bear with my possibly stupid question... My company needs remote support from our vendor of erp software. This could be done by using a vpn tunnel. The problem we are faced with: our internet connection does not give us a static ip address; instead the ip number changes on every new connection (normaly once per day, not an unsual setup). I thought, this should not be a problem; we could register a name at dyndns.org (for example), so we are reachable by a fixed dns address. Unfortunately, the erp software vendor insists on having us a static ip; they claim it's a security risk to use a name by a dyndns service as they could not be sure the ip number is really correct (no reverse lookup possible). This is a problem for us; we would need to change the contract with our internet provider and it would be a lot more expensive. Now my question: Is this really so? Would not the vpn authentification and encryption prevent any attempt to spoof the identity of either side even assumed they did indeed build a wrong connection to some evil party? Or are the concerns of the erp compony well founded (maybe some man-in-the-middle attack could be started)? Thanks in advance
-- Dirk