the only VPN solution is not in rh
Wil Cooley
wcooley at nakedape.cc
Wed Oct 22 20:25:49 UTC 2003
On Wed, 2003-10-22 at 07:39, Farkas Levente wrote:
> hi,
> currently there is not any real vpn solution in rh distro. what are the
> alternatives:
> - freeswan (ipsec)
> - cipe
> - openvpn
>
> although ipsec is the future, it has many probles. the old kernel
> implementation is not accepted while the new is just in the 2.6 series
> (the backport is...) and the freeswan's user space part is not compiled
> for the the ipsec implementation. and we don't the quality of that part
> of the code (that was the reason why the old kernel psace can't get into
> the kernel). the x509 patch still not in the mainstream freeswan which
> is essential for windows clients. imho it needs a year to be stable and
> usable.
FreeS/WAN has problems, but it does work. I'd much rather see FreeS/WAN
support than anything; it's standard and interoperates with lots of
other IPSEC implementations; CIPE and OpenVPN are, AFAICT, not widely
supported and "proprietary" (in the sense that they're non-standard and
not even seeking standardization). FreeS/WAN itself works well enough
as an external module; they only problem is if you want NAT-Traversal,
it would need a patch to the actual kernel.
Wil
--
Wil Cooley wcooley at nakedape.cc
Naked Ape Consulting http://nakedape.cc
* * * * * * * Good, fast and cheap: Pick all 3! * * * * * * *
* Naked Ape Consulting http://nakedape.cc *
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20031022/da3f2ce9/attachment.sig>
More information about the fedora-devel-list
mailing list