Date: Wed, 28 Dec 2005 17:15:39 +0100 From: Eric Masson <e-masson@kisoft-services.com> To: Brian Candler <B.Candler@pobox.com> Cc: freebsd-net@freebsd.org Subject: Re: IPSEC documentation Message-ID: <86d5jhp590.fsf@srvbsdnanssv.interne.kisoft-services.com> In-Reply-To: <20051228155545.GA7166@uk.tiscali.com> (Brian Candler's message of "Wed, 28 Dec 2005 15:55:45 %2B0000") References: <20051228143817.GA6898@uk.tiscali.com> <86lky5p7ik.fsf@srvbsdnanssv.interne.kisoft-services.com> <20051228155545.GA7166@uk.tiscali.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Brian Candler <B.Candler@pobox.com> writes: > OK, I'll buy gif + IPSEC transport mode as an option. [Although in that > case, perhaps what you want is an external IPSEC tunnel mode implementation > which attaches to a 'tun' device. That's yet another category which I hadn't > even considered] Any url describing this setup please ? > I still think that gif + IPSEC tunnel mode (as currently documented) is not > a good approach, especially if it's the *only* mode of operation to be > documented and hence implicitly recommended as the 'right' way to do it. Well, ipsec section of the handbook is probably not the best one, I'd like to see it extended with the sections you talked about in this thread. Maybe it's time to submit patches... -- >pourkoi faire ca c koi le but? je vois pas l interet c un forum libre >ou tt le monde px s exprimer c pas mtnt kil faut reagir c ds les posts Au secours, mon ROT-13 ne marche plus :-(((( -+- PC in <http://www.le-gnu.net>; : Neuneu decode à plein tube -+-
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86d5jhp590.fsf>