Date: Fri, 30 Apr 1999 23:30:59 +0200 From: Pierre Beyssac <pb@fasterix.freenix.org> To: freebsd-security@FreeBSD.ORG Subject: Re: VPN Message-ID: <19990430233059.B426@fasterix.frmug.fr.net> In-Reply-To: <19990430153659.1537714F69@hub.freebsd.org>; from Jonathan M. Bresler on Fri, Apr 30, 1999 at 08:36:59AM -0700 References: <19990429223254.A19140@vogon.agala.harz.de> <19990430153659.1537714F69@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Apr 30, 1999 at 08:36:59AM -0700, Jonathan M. Bresler wrote: > > Don't use Microsoft PPTP, see http://www.counterpane.com/. > the problem is not with PPTP itself, but rather microsoft's > inimitable style of implementing protocols. BTW, as there seems to be a lot of interest in VPNs currently, and I had a need for something that could run between my FreeBSD box and a Linux box, I've written a small usermode IPSEC-compliant tunnel when I became tired of the impressive number of non-compatible hacks based on PPP, ssh, TCP, PPTP, you name it, while IPSEC clearly will sweep all of this. It's more of a proof-of-concept code for the moment (only fixed keys: it lacks key negociation stuff), and it can't beat a kernel implementation for performance, but it's easier to install, easier to port to other systems (you only need some kind of a "tun" device), easier to debug, easier to add weird crypto algorithms, easier to export (the crypto is from the OpenSSL library), and last but not least easier to distribute as a package external to the core OS. I'm happily running it between several FreeBSD and Linux boxes to setup tunnels to friends through my cable modem. If anyone is interested, it can be found here. WARNING: it's really experimental and the documentation is lacking, don't even bother if you don't know how to setup a point to point link or how to add the tun device to your kernel. http://www.enst.fr/~beyssac/tunip.tar.gz -- Pierre Beyssac pb@fasterix.frmug.org pb@fasterix.freenix.org {Free,Net,Open}BSD, Linux : il y a moins bien, mais c'est plus cher Free domains: http://www.eu.org/ or mail dns-manager@EU.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990430233059.B426>