Re: Big VPN
On Tue, Mar 02, 2004 at 21:41:34 +0100, Jaroslaw Tabor wrote:
> I've reviewed freeswan and OE feauture. This looks nice, but I'm afraid
> about security.
If you're looking for a VPN solution, by all means look at FreeS/WAN (or its
likely successor, OpenSWAN). Just forget about OE. OE isn't about the type
of security you're looking for in a VPN.
> If I understand this solution right there is no authentication at all.
With OE that may be true. For a VPN you shouldn't configure OE, but use one
of the authentication methods in IPSec, like RSA digital signatures, or a
shared secret.
http://en.wikipedia.org/wiki/IPSEC provides a nice overview of IPSec.
HTH,
Ray
--
AJ: Geeez, Erwin. He wasn't even ARMED.
Erwin: I don't care. I have lots of ammo and he was wearing a TIE.
http://ars.userfriendly.org/cartoons/?id=20010209
Reply to:
- References:
- Big VPN
- From: Jaroslaw Tabor <jarek@srv.pl>