From owner-freebsd-security  Thu May 28 02:05:14 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id CAA04839
          for freebsd-security-outgoing; Thu, 28 May 1998 02:05:14 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from citadel.cdsec.com (citadel.cdsec.com [192.96.22.18])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id CAA04699
          for <freebsd-security@FreeBSD.ORG>; Thu, 28 May 1998 02:03:00 -0700 (PDT)
          (envelope-from ian@cdsec.com)
Received: (from nobody@localhost) by citadel.cdsec.com (8.8.5/8.6.9) id LAA26554; Thu, 28 May 1998 11:09:53 +0200 (SAT)
Received: by citadel via recvmail id 26509; Thu May 28 11:08:54 1998
From: Ian Cooper <ian@cdsec.com>
Message-Id: <199805280901.LAA26511@cdsec.com>
Subject: Re: FreeBSD Tunneling
To: opsys@mail.webspan.net (Open Systems Networking)
Date: Thu, 28 May 1998 11:01:05 +0200 (SAT)
Cc: freebsd@atipa.com, freebsd-security@FreeBSD.ORG
In-Reply-To: <Pine.BSF.3.95.980528044248.21077B-100000@orion.webspan.net> from "Open Systems Networking" at May 28, 98 04:48:27 am
X-Mailer: ELM [version 2.4 PL24]
Content-Type: text
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk

> 
> On Thu, 28 May 1998, Ian Cooper wrote:
> 
> > We're presently debugging and extending the WIDE IPSEC implementation
> > to do tunnel mode, and this IS being done in South Africa :)
> 
> WooWoo!! All I ask is that it works and works as the instructions say :)
> SKIP has left a bitter taste in my mouth now when I hear the word "tunnel"
> or "vpn" :)
> 
> > The WIDE implementation, IMHO is a pretty clean one, and since it
> > is inherently a FreeBSD implementation rather than a port, I'd 
> > suggest that it be considered as a strong candidate for the "official"
> > implementation. 
> 
> Let the best Stack win :)
> 
> > We also have plans for an ISAKMP implementation. If others volunteer
> > to do some of the non-crypto ISAKMP stuff, then we can do the crypto
> > part and that would speed up the availability of isakmp.
> 
> > http://www.cdsec.com                                   Cape Town, South Africa
> 
> Oh and BTW, I just checked out your compan page. WHY is your firewall not
> listed under software in teh commercial vendors section???

Ooops - nasty omission there on our part :( I think we should sort this
out asap.

> 
> I thought AKER was the only FreeBSD firewall solution (commercial) but I
> can't use them because they dont have an english version, and that wouldnt
> go over to well with my clients :) They would be lost.
> This NEEDS to be listed in the commercial vendors section under software.
> I'm adding it to my company pages soon as a firewall solution.

Tx - obliged...

> 
> I will use your solution in my next big project in a few months.
> BTW I didnt see this listed which probably means no, but do you have an X
> GUI in addtion to the windows GUI for configuring it?

Nope - no X config. We think X on a firewall is a bad idea. There is a
text mode interface which is a real no-brainer to use (function keys,
tabbing between data fields, etc.). The manual is online on our web
pages, and there should be some screen shots on the man pages.

> 
> Chris
> 
> --
> "I don't do favors, I accumulate debts"
> 
> ===================================| Open Systems Networking And Consulting.
>   FreeBSD 2.2.6 is available now!  | Phone: 316-326-6800
> -----------------------------------| 1402 N. Washington, Wellington, KS-67152
>    FreeBSD: The power to serve!    | E-Mail: opsys@open-systems.net
>       http://www.freebsd.org       | Consulting-Network Engineering-Security
> ===================================| http://open-systems.net 
> 
> -----BEGIN PGP PUBLIC KEY BLOCK-----
> Version: 2.6.2
> 
> mQENAzPemUsAAAEH/06iF0BU8pMtdLJrxp/lLk3vg9QJCHajsd25gYtR8X1Px1Te
> gWU0C4EwMh4seDIgK9bzFmjjlZOEgS9zEgia28xDgeluQjuuMyUFJ58MzRlC2ONC
> foYIZsFyIqdjEOCBdfhH5bmgB5/+L5bjDK6lNdqD8OAhtC4Xnc1UxAKq3oUgVD/Z
> d5UJXU2xm+f08WwGZIUcbGcaonRC/6Z/5o8YpLVBpcFeLtKW5WwGhEMxl9WDZ3Kb
> NZH6bx15WiB2Q/gZQib3ZXhe1xEgRP+p6BnvF364I/To9kMduHpJKU97PH3dU7Mv
> CXk2NG3rtOgLTEwLyvtBPqLnbx35E0JnZc0k5YkABRO0JU9wZW4gU3lzdGVtcyA8
> b3BzeXNAb3Blbi1zeXN0ZW1zLm5ldD4=
> =BBjp
> -----END PGP PUBLIC KEY BLOCK-----
> 
> 


-- 
Ian Cooper (ian@cdsec.com)                             Tel: +27 21 23-6065
Citadel Data Security                                  Fax: +27 21 24-3656
Citadel Firewall, Citadel VPN Router                   Unit 3, 46 Orange Street
http://www.cdsec.com                                   Cape Town, South Africa

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message