[gooderlooking]

It's similar in that it's peer-to-peer, but doesn't require an auth/directory server to establish connections. If any known peer is accessible, the two can authenticate directly.

[kika]

To successfully traverse many NATs you need a third party, which is already accessible from two parties trying to handshake.

[gooderlooking]

Yep, that's what I meant by "accessible" too. But with Hamachi, there's a central service for client authentication. With freelan, peers authenticate directly via signed crts.

[XorNot]

I looked into this heavily over the past few days. The punchline is this needs support for NAT traversal and some type of out-of-band way for clients to find each other.

NAT traversal is an implementation thing, and I favor Jabber as the out-of-band these days since everyone can get at least a GTalk account.

Though we now have libjingle, which basically merges both of these things and would probably elegantly solve the problem. But p2p vpn's aren't much use if you have to control the NAT router you're attached to.

[pyre]

> I favor Jabber as the out-of-band these days since everyone can get at least a GTalk account.

Isn't that deprecated in favour of Google Hangouts?

[XorNot]

Whatever they're calling it, you can still get free XMPP accounts easily.

[rurounijones]

If it has been tied to hangouts then it has been tied to g+ and their ridiculous policies, I hardly class it as a good alternative.

[anonymous]

Isn't the upnp feature of most home routers enough?