-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 HiDoes anybody know if there are any news concerning freeswan and Watchguard Firebox 2 interoperability? Some time ago I read that the two would not work together, as Watchguard does not use triple DES during the negotiation phase. Is there a patch around for freeswan?
Marcel Am Mittwoch den, 21. August 2002, um 08:42, schrieb Rcca:
I'm sure freeswan can accept dynamic connections, with variable IP address. FreeSwan has a Road Warrior mode, but it has some limitations. Yous don't set the Road warrior side, you set only the IP address to 0.0.0.0., and set the keys. In this case the Road Warrior will initiate theconnection.Idézve: Dátum: 2002/8/14 12:55:18. Feladó: Johan Segernas <johan.segernas@foretagsuniversitetet.se>.Feladó: Johan Segernas <johan.segernas@foretagsuniversitetet.se> Címzett:'Jeff' <jcoppock1@attbi.com>, debian-security@lists.debian.org Tárgy: RE: IPSec VPN Dátum: Wed, 14 Aug 2002 12:55:18 +0200- If so which is compatible? Is FreeSWan compatible?FreeSWan is compatible, but only as a "Branch Office" tunnel, not as a dynamic Client tunnel. Check with the administrator of the Contivity VPN Switch on whether he/she is willing to set it up.I didn't read this from the beginning, but you can make FreeSWan use SSLand then get it to handle dynamic tunnels.I have one FW at work with FreeSWan and i have some different clients which both have static and dynamic IPs, and the one with dynamic I use x.509-auth.But maybe that wasn't what you meant by dynamic client tunnel..?-- To UNSUBSCRIBE, email to debian-security-request@lists.debian.orgwith a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
- ------------------- PGP / GPG Key: http://www.ncpro.com/GPG/mmweber-at-ncpro-com.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (Darwin) Comment: For info see http://www.gnupg.org iD8DBQE9Y2lv1EXMUTKVE5URAhfoAJ9TA9/ugKK6wUaqCKO7fS0JOfaYKQCeLyVP d0dPazPQ13NDoOEfp3eE9Jk= =i5sl -----END PGP SIGNATURE-----