Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 1143 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPSEC questions

Volker
Hello folks,

I have a few Questions reagrding the FreeS/Wan support.

Which version of FreeS/WAN is distributed with ASL ?

Are there any patches / addons added to the FreeS/WAN ?

Are there any plans to add X.509 support from 
http://www.strongsec.com/freeswan/ ?

Quote "The X.509 patch supports RSA-based authentication using  X.509 certificates between a Linux FreeS/WAN security gateway and an unlimited number of  IPSec peers. With version 0.9 of the patch, certificate authority (CA) trust chains and certificate revocation lists (CRLs) are introduced, thereby eliminating the need to store peer certificates locally on the Linux host."

With that in place you could support roadwarrior's. Please see at: http://vpn.ebootis.de/

Thanks for reading this far   [;)]  

Volker


This thread was automatically locked due to age.
Parents Reply
  • 0 in reply to spike_01
    Don't know... I think that he must enable LEG-PROXYING in order to have a bit more security... In addition, he could use blocking on table "PANTS" with iptables -t PANTS -P DROP, in that case "Back Holes" should be blocked

    PS. LoL  [;)]
Children
No Data
Unfiltered HTML