Date: Sun, 19 Nov 2017 22:16:18 +0700 From: Victor Sudakov <vas@mpeks.tomsk.su> To: Eugene Grosbein <eugen@grosbein.net> Cc: Hellmuth Michaelis <hm@hellmuth-michaelis.de>, freebsd-net@freebsd.org Subject: Re: OpenVPN vs IPSec Message-ID: <20171119151618.GJ82727@admin.sibptus.transneft.ru> In-Reply-To: <5A119CD7.2020905@grosbein.net> References: <20171118165842.GA73810@admin.sibptus.transneft.ru> <b96b449e-3dc1-6e75-e803-e6d6abefe88e@spam-fetish.org> <20171119120832.GA82727@admin.sibptus.transneft.ru> <07003E8F-6EF8-4D4B-8C0C-319F81AD2A73@hellmuth-michaelis.de> <20171119144450.GD82727@admin.sibptus.transneft.ru> <5A119CD7.2020905@grosbein.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Eugene Grosbein wrote: > > >> https://tools.ietf.org/html/rfc2409 > >> https://tools.ietf.org/html/rfc7296 > > > > I don't doubt there being RFCs, but there are also some incompatible > > vendor extensions. E.g. racoon announces Kerberos authentication > > support (which is presently broken) etc. > > racoon does not announce Kerberos authentication support in my case. > May be due to the fact I build security/ipsec-tools port with disabled option > for GSSAPI Security API support. So do I now, but when I tried to enable the option (because I grew tired of shared secrets), it turned out broken. Anyway, it is just an example of a non-standard extension. -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN AS43859
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20171119151618.GJ82727>