[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: IPSec VPN and Watchguard Firebox 2

Hash: SHA1


Does anybody know if there are any news concerning freeswan and Watchguard Firebox 2 interoperability? Some time ago I read that the two would not work together, as Watchguard does not use triple DES during the negotiation phase. Is there a patch around for freeswan?


Am Mittwoch den, 21. August 2002, um 08:42, schrieb Rcca:

I'm sure freeswan can accept dynamic connections, with variable IP address. FreeSwan has a Road Warrior mode, but it has some limitations. Yous don't set the Road warrior side, you set only the IP address to, and set the keys. In this case the Road Warrior will initiate the

Idézve: Dátum: 2002/8/14 12:55:18. Feladó: Johan Segernas <johan.segernas@foretagsuniversitetet.se>.

 Feladó: Johan Segernas <johan.segernas@foretagsuniversitetet.se>

 Címzett:'Jeff' <jcoppock1@attbi.com>, debian-security@lists.debian.org
 Tárgy:  RE: IPSec VPN
 Dátum:  Wed, 14 Aug 2002 12:55:18 +0200

- If so which is compatible? Is FreeSWan compatible?

FreeSWan is compatible, but only as a "Branch Office" tunnel, not as a
dynamic Client tunnel.  Check with the administrator of the Contivity
VPN Switch on whether he/she is willing to set it up.

I didn't read this from the beginning, but you can make FreeSWan use SSL
 and then get it to handle dynamic tunnels.

I have one FW at work with FreeSWan and i have some different clients which both have static and dynamic IPs, and the one with dynamic I use x.509-auth.

 But maybe that wasn't what you meant by dynamic client tunnel..?

To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

- -------------------

PGP / GPG Key:	http://www.ncpro.com/GPG/mmweber-at-ncpro-com.asc
Version: GnuPG v1.0.6 (Darwin)
Comment: For info see http://www.gnupg.org


Reply to: