From owner-freebsd-stable Wed Sep 6 14:38:11 2000 Delivered-To: freebsd-stable@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 8875437B507; Wed, 6 Sep 2000 14:38:07 -0700 (PDT) Received: from localhost (kris@localhost) by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id OAA70710; Wed, 6 Sep 2000 14:38:07 -0700 (PDT) (envelope-from kris@FreeBSD.org) X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs Date: Wed, 6 Sep 2000 14:38:07 -0700 (PDT) From: Kris Kennaway To: danh@gelatinous.com Cc: stable@freebsd.org Subject: Re: VPN? IPSEC? KAME? CIA? In-Reply-To: <20000906203054.26947.qmail@cube.gelatinous.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On 6 Sep 2000 danh@gelatinous.com wrote: > So what VPN solution are all the cool kids using > in FreeBSD these days? FreeBSD 4.1 or later contains full ipsec code, including the KAME IKE daemon (racoon, in ports). FreeBSD 4.0 also contained ipsec but racoon didnt work with it, meaning you had to manually key security associations and in practise it was somewhat difficult to interoperate with some other ipsec platforms. > I have downloaded the KAME RELEASE version source > but I notice it hasn't been updated since May of > last year. The snapshots are a more appropriate thing to use, but I dont think you need them. There aren't very many changes to ipsec made there, except for racoon which is also updated in the ports collection. Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message