[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: the only VPN solution is not in rh



On Wed, 2003-10-22 at 07:39, Farkas Levente wrote:
> hi,
> currently there is not any real vpn solution in rh distro. what are the 
> alternatives:
> - freeswan (ipsec)
> - cipe
> - openvpn
> 
> although ipsec is the future, it has many probles. the old kernel 
> implementation is not accepted while the new is just in the 2.6 series 
> (the backport is...) and the freeswan's user space part is not compiled 
> for the the ipsec implementation. and we don't the quality of that part 
> of the code (that was the reason why the old kernel psace can't get into 
> the kernel). the x509 patch still not in the mainstream freeswan which 
> is essential for windows clients. imho it needs a year to be stable and 
> usable.

FreeS/WAN has problems, but it does work.  I'd much rather see FreeS/WAN
support than anything; it's standard and interoperates with lots of
other IPSEC implementations; CIPE and OpenVPN are, AFAICT, not widely
supported and "proprietary" (in the sense that they're non-standard and
not even seeking standardization).  FreeS/WAN itself works well enough
as an external module; they only problem is if you want NAT-Traversal,
it would need a patch to the actual kernel.

Wil
-- 
Wil Cooley                                 wcooley nakedape cc
Naked Ape Consulting                        http://nakedape.cc
* * * * * * * Good, fast and cheap: Pick all 3! * * * * * * *
*   Naked Ape Consulting                http://nakedape.cc  *

Attachment: signature.asc
Description: This is a digitally signed message part


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]