Freeswan Re: VPN Tools!

To: Alex Borges <alex@co.com.mx>
Cc: debian-isp@lists.debian.org
Subject: Freeswan Re: VPN Tools!
From: Thomas Kruse <tktrash@sforce.org>
Date: Sat, 3 Aug 2002 21:41:53 +0200
Message-id: <[🔎] 20020803214153.3d61e94b.tktrash@sforce.org>
In-reply-to: <[🔎] 1028399835.568.3.camel@alex>
References: <[🔎] 20020804011451.856E.AXANET@ms32.hinet.net> <[🔎] 1028399835.568.3.camel@alex>

Hi there,
please consider that FreeSwan is a really massive pain in the ass (imho). The configuration is kind of illogical (especially when and why "nexthop" is needed) and if you want to connect two hosts with dynamic adresses you have to restart it with all tunnels going down as a result.
In addition to that you have to tweak with your routing, if you have a non-standard setup, (for example a default gateway which is not in the same subnet as you and needs a hostroute to be reachable, though is a bad thing, I have seen it a lot of times and have no idea how to get Freeswan working with that. Perhaps that is my fault, though. The dynamic ip trouble is known to the Freeswan developers and it is worked on it afaik.)
There are other ipsec implementations for linux to my knowldge, but I had not yet my hands on them. 
In addition to that the debian freeswan kernel patch package does not apply to the current kernels, use the one from freeswan.org instead!

If someone has hints for me with this trouble, let me know!

Yours,
Thomas

On 03 Aug 2002 13:37:15 -0500
Alex Borges <alex@co.com.mx> wrote:

> El sáb, 03-08-2002 a las 12:26, axacheng escribió:
> > Hello List :
> > 
> > Does anyone knows What is best package on VPN solution????
> > 
> > That package have perfect security , compatibility and friendly config
> > file for administrator!
> > 
> Wahahahaha..... NO!..... 
> 1.- FreeSWAN ---> IPSEC perfectly compatible with...um...'true' IPSEC,
> that is compliant routers and vpn boxes
> 
> > pptpd is better than freeswan????  or have other good package??  @_@
> >
> 2.- PPTPD .... compatible with windows clients....SUCKS... slow, bitch
> ass security
>  
> > BTW, where i could find good document or howto  to implement a VPN
> > environment ???
> Many....
> 
> STFW .... google.com ....   VPN Howto ...... also apt-cache search vpn,
> apt-cache search ipsec
> 
> 3.- Depending on your needs, consider ssh ppp tunnels, VTUN, stunnel as
> those are generaly easyer to implement than most other stuff....
> 
> 
> Alex  
> > 
> > Thanks Very Much.  ;-)
> > 
> > -- 
> > Trust & Unique ... 
> > Axacheng's PGP Public Key   http://www.navigation.idv.tw/pgpkey
> > 
> > 
> > 
> > -- 
> > To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
> > with a subject of "unsubscribe". Trouble? Contact
> > listmaster@lists.debian.org
> > 
> 
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>

Reply to:

References:
- VPN Tools!
  - From: axacheng <axanet@ms32.hinet.net>
- Re: VPN Tools!
  - From: Alex Borges <alex@co.com.mx>

Prev by Date: Re: Setting up an SSL Server
Next by Date: Re: Setting up an SSL Server
Previous by thread: Re: VPN Tools!
Next by thread: VPN Tools!
Index(es):
- Date
- Thread