Date: Thu, 28 Sep 2000 22:47:07 +0800 (+0800) From: Michael Robinson <robinson@netrinsics.com> To: freebsd-security@freebsd.org Subject: Dialup IPSEC Message-ID: <200009281447.e8SEl7805639@netrinsics.com>
next in thread | raw e-mail | index | archive | help
Pipsecd supports dialup users by providing IP wildcards for security
associations. This is very convenient.
Racoon, on the other hand (according to the port description):
"Design choice, not a bug:
- racoon negotiate IPsec keys only. It does not negotiate policy. Policy
must be configured into the kernel separately from racoon. If you want
to support roaming clients, you may need to have a mechanism to put
policy for the roaming client after phase 1 finhises."
Does anyone have a working dialup solution for the KAME kernel IPSEC
implementation?
-Michael Robinson
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200009281447.e8SEl7805639>