VPN solution(s) for Fedora Core
Steven Pritchard
steve at silug.org
Fri May 21 17:25:38 UTC 2004
On Fri, May 21, 2004 at 11:52:09AM -0400, Jason Tackaberry wrote:
> I'd like to raise the issue here and spark a discussion in the hope
> that we can find consensus on one or more pieces of VPN software to
> include in Fedora Core 3.
Well, FC2 includes ipsec-tools, so I wouldn't say it includes no VPN
software.
> I have been using and reading about OpenVPN (http://openvpn.sf.net). It
> is intuitive, well designed [1], and has excellent documentation. It is
> released under the GPL, with a special exception clause to allow linking
> with OpenSSL. OpenVPN is quality software, and we would be remiss not to
> consider it for inclusion in FC3.
There's a OpenVPN package in fedora.us QA:
https://bugzilla.fedora.us/show_bug.cgi?id=1531
(Which reminds me, I never did submit a couple of minor fixes I made.
Oops.)
> OpenVPN is released for most unices (including OS X), as well as Windows
> 2000/XP. It relies on the kernel only for the tun/tap device. I have
> toyed with other VPN software (notable CIPE, vtun, and freeswan), and
> OpenVPN was the only one that Just Worked, and worked intuitively.
I can second that. I've used it Linux-to-Linux and Windows-to-Linux
and it Just Worked. It has also Just Worked behind a bunch of random
firewalls.
> I think the other main contender for VPN software in Fedora Core would
> be Openswan. OpenVPN is portable, comfortable (being in userspace),
> flexible, and easy, but Openswan implements IPsec which is (mostly)
> standardized across vendors, and that's certainly a strong selling
> point, in spite of its complexity.
Like I said, FC2 can already to IPsec. Regardless, I have also been
working on an openswan package for fedora.us:
https://bugzilla.fedora.us/show_bug.cgi?id=1271
It still needs work, and I haven't even thought about getting it
working with the built-in 2.6 IPsec stuff yet.
Steve
--
Steven Pritchard - K&S Pritchard Enterprises, Inc.
Email: steve at kspei.com http://www.kspei.com/
Phone: (618)398-7360 Mobile: (618)567-7320
More information about the fedora-devel-list
mailing list