Re: VPN + Roadwarrior
>From "Building Linux VPNs", FreeS/WAN has some basic interoperability
with:
KAME: FreeBSD, NetBSD, OpenBSD, BSDi
PGPnet
Windows 2000
F-Secure VPN
IRE Safenet/SoftPK
SSH IPSec Express
Gauntlet GVPN
Xedia's AccessPoint QVPN
Checkpoint SecuRemote VPN-1/Firewall-2
Raptor Firewall, Raptor MobileNT T
Testing was not comprehensive and there are no guarantees of ease of
setup.
Web based testing tools at:
http://ipsec.wit.antd.nist.gov/
http://isakmp.test.ssh.fi/
http://www.vpnc.org/conformance.html
I recommend this book if you are thinking of some kind of VPN. See my
review at: http://www.ercb.com/feature/feature.0063.html
HTH,
Jeffrey
Quoting Noah L. Meyerhans <noahm@debian.org>:
> On Thu, Dec 12, 2002 at 09:39:27AM -0500, Phillip Hofmeister wrote:
> > If you implement IPSec, my experience (as of 6 months ago) with IPSec is
> > that it works great, as long as you use the same implementation on all
> > host.
>
> I don't really agree with that. I have used several different IPsec
> implementations and interoperated successfully. The latest combination
> that I tried was the Linux 2.5 native IPsec communicating with
> FreeS/WAN. No problem. I've documented the steps I had to go through
> to get the {Free,Net}BSD IPsec implementation to interoperate with
> FreeS/WAN using X.509 certs for authentication. Again, very few
> problems.
>
> www.freeswan.org has quite a bit of interoperability documentation.
> Basically, the only difficulties come from the fact that the Internet
> Key Exchange (IKE) protocol, defined in RFC 2409, has so damn many
> configurable parameters that it's easy to missconfigure it. Since there
> isn't (and probably won't ever be) a standard set of defaults, this can
> get confusing.
>
> noah
>
Reply to: