Using IP Addresses - CompTIA A+ 220-1001 Prof Messer
-
-
On a VLAN with multiple switches: are the IP addresses for those static or can they be dynamic?
-
@mary said in Using IP Addresses - CompTIA A+ 220-1001 Prof Messer:
On a VLAN with multiple switches: are the IP addresses for those static or can they be dynamic?
By "for those" do you mean the switches? I'm pretty sure the switches could be dymanic (vendors each will have their own rules/requirements). Assigning VLANs is below the IP layer, so IP addresses aren't directly related to VLANs.
-
@mary said in Using IP Addresses - CompTIA A+ 220-1001 Prof Messer:
On a VLAN with multiple switches: are the IP addresses for those static or can they be dynamic?
VLANs are at the Ethernet layer, and IP is above that. So the two do not interact. VLANs are exactly like a normal physical LAN to the IP protocol. So IPs being static or dynamic are both options in either case.
-
@mary said in Using IP Addresses - CompTIA A+ 220-1001 Prof Messer:
On a VLAN with multiple switches: are the IP addresses for those static or can they be dynamic?
As @Dashrender already mentioned, VLAN is below the IP layer. So, yes, VLANs can have dynamic IP addresses, just like any independent network.
-
When using an SSL VPN, if the VPN concentrator decrypts the data being sent, wouldn't it be possible for someone to capture the data and also decrypt it?
-
@connorsoliver said in Using IP Addresses - CompTIA A+ 220-1001 Prof Messer:
When using an SSL VPN, if the VPN concentrator decrypts the data being sent, wouldn't it be possible for someone to capture the data and also decrypt it?
Possible, sure. But very, very hard. The VPN concentrator has the keys, someone intercepting the traffic presumably does not. The point of VPN encryption is to make it so hard to decrypt the data that you don't care if they see it. It's about making something safe enough that we assume we will send it in the open and not worry.
So we assume that people capture that data constantly - but we have made it so hard to use, that they can't do it.
-
@scottalanmiller said in Using IP Addresses - CompTIA A+ 220-1001 Prof Messer:
@connorsoliver said in Using IP Addresses - CompTIA A+ 220-1001 Prof Messer:
When using an SSL VPN, if the VPN concentrator decrypts the data being sent, wouldn't it be possible for someone to capture the data and also decrypt it?
Possible, sure. But very, very hard. The VPN concentrator has the keys, someone intercepting the traffic presumably does not. The point of VPN encryption is to make it so hard to decrypt the data that you don't care if they see it. It's about making something safe enough that we assume we will send it in the open and not worry.
So we assume that people capture that data constantly - but we have made it so hard to use, that they can't do it.
We more than assume that - we pretty much know the NSA is doing that after the Snowden leaks.
