Re: [Sheflug] IPsec -Linux

[Richard Stevenson <richard [at] xxxxxxxxxxxxxxxxxxxxxxx>]

On Mon, 26 Apr 2004, Dawson, Alan wrote:

> All,
> Anybody got experience of using IPsec on Linux
>
> Whats the options that are available.  I heard that FreeSwan's gone, and
> that its all changed in 2.6.
>
> Anybody got some clue they can share

I've used the 2.6 IPSEC stuff (it's KAME, the same implementation used in
the *BSD systems) to encrypt all traffic between my (Linux) workstation
and other systems at work, and I've also got an IPSEC VPN tunnel running
between a FreeBSD server and a Cisco PIX to connect our two offices.  In
both cases, I have Racoon providing IKE services with a shared secret for
authentication (you can use X.509 certificates as well, but that gets
messy and expensive if you're using a Pix on the other end).

It took some reading and experimentation to get my head around it all, but
it does work.  How can I help?

Cheers

R


-- 
Richard Stevenson : UNIX/Linux/Networking/Security Geek : 025-285-5873

  Doing it 'Chernobyl Style':
  Mixing up the Vics Vapour Rub with the KY Jelly.
    -- Justin Moe
___________________________________________________________________

Sheffield Linux User's Group -
http://www.sheflug.co.uk/mailfaq.html

  GNU the choice of a complete generation.