Date: Sun, 19 Nov 2017 21:44:50 +0700 From: Victor Sudakov <vas@mpeks.tomsk.su> To: Hellmuth Michaelis <hm@hellmuth-michaelis.de> Cc: freebsd-net@freebsd.org Subject: Re: OpenVPN vs IPSec Message-ID: <20171119144450.GD82727@admin.sibptus.transneft.ru> In-Reply-To: <07003E8F-6EF8-4D4B-8C0C-319F81AD2A73@hellmuth-michaelis.de> References: <20171118165842.GA73810@admin.sibptus.transneft.ru> <b96b449e-3dc1-6e75-e803-e6d6abefe88e@spam-fetish.org> <20171119120832.GA82727@admin.sibptus.transneft.ru> <07003E8F-6EF8-4D4B-8C0C-319F81AD2A73@hellmuth-michaelis.de>
next in thread | previous in thread | raw e-mail | index | archive | help
Hellmuth Michaelis wrote: > > > > Am 19.11.2017 um 13:08 schrieb Victor Sudakov <vas@mpeks.tomsk.su>: > > > >> It's a standard, too. > > > > IPsec in itself maybe a standard, but IKE does not seem to be much of > > a standard, I get the impression that there's much incompatibility > > between vendors (Cisco, racoon etc). > > https://tools.ietf.org/html/rfc2409 > https://tools.ietf.org/html/rfc7296 I don't doubt there being RFCs, but there are also some incompatible vendor extensions. E.g. racoon announces Kerberos authentication support (which is presently broken) etc. -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN AS43859
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20171119144450.GD82727>