Re: [owl-users] IPsec

From: GalaxyMaster <galaxy_at_private>
Date: Mon, 23 May 2011 15:42:25 +0400
On Fri, May 20, 2011 at 11:33:48PM +0400, Solar Designer wrote:
> For userland tools, there appear to be:
> 
> Openswan - http://www.openswan.org

This is my choice for IPsec tunnels right now.

> strongSwan - http://www.strongswan.org

Never used this one, though I expect it to be very similar to Openswan.

> IPsec-Tools - http://ipsec-tools.sourceforge.net
> http://www.ipsec-howto.org/x304.html


RedHat is/was using this in their networking scripts.  I find it quite
easy to setup, however, this implementation supports a bit less than
openswan.

I've also used vpnc (http://www.unix-ag.uni-kl.de/~massar/vpnc/): a quite
convenient client when you need to quickly deploy a VPN client.
However, this client doesn't support tunnels with no user auth.

> Which of these are most appropriate to use these days?

If we are about to provide RHEL compatibility, then I'd suggest to go
with ipsec-tools .

About a month ago I tried all of the above on Owl with good results.

-- 
(GM)
Received on Mon May 23 2011 - 04:42:25 PDT

This archive was generated by hypermail 2.2.0 : Mon May 23 2011 - 04:42:38 PDT