Date: Sat, 19 Jul 2003 13:14:25 +0200 From: jeremie le-hen <le-hen_j@epita.fr> To: John Morgan Salomon <john@zog.net> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: Setting up a multi-platform VPN? Message-ID: <20030719111425.GA12739@carpediem.epita.fr> In-Reply-To: <3F190A4F.8050203@zog.net> References: <20030718171119.Y78744@borg-cube.com> <20030719082957.U370@worf.jawa.at> <3F190A4F.8050203@zog.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Jul 19, 2003 at 11:07:27AM +0200, John Morgan Salomon wrote: > You want KAME (http://www.kame.net). It is in 4.x. RACCOON is just > the key management/exchange component of KAME. > > IPSEC (read the RFCs) is your best bet for inter-platform vpn connections. > There are a number of FreeBSD implementations, although kame is probably > your best bet for connecting to FreeSWAN/Cisco/CheckPoint/whatever. Linux has two different implementations of IPSec, the most popular is FreeS/WAN. The other one is called USAGI (http://www.linux-ipv6.org/) and it is in a very close collaboration with the KAME project (see USAGI project overview). Indeed it uses the same IKE daemon (racoon) and its configuration is exactly the same as KAME's one. Furthermore, USAGI will be the official IPSec implementation for 2.6 kernel series (it is already merged in the 2.5 source tree). Of course USAGI is also available for 2.4 kernels. So I think using USAGI on your friend's Linux laptop is a good choice, because it will save you understanding one more IPSec implementation and configuration, in case you decide to use IPSec of course... :-) Regards, -- Jeremie aka TtZ jeremie.le-hen@epita.fr
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030719111425.GA12739>