Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20110523114225.GG22037@openwall.com>
Date: Mon, 23 May 2011 15:42:25 +0400
From: "(GalaxyMaster)" <galaxy@...nwall.com>
To: owl-users@...ts.openwall.com
Subject: Re: IPsec

On Fri, May 20, 2011 at 11:33:48PM +0400, Solar Designer wrote:
> For userland tools, there appear to be:
> 
> Openswan - http://www.openswan.org

This is my choice for IPsec tunnels right now.

> strongSwan - http://www.strongswan.org

Never used this one, though I expect it to be very similar to Openswan.

> IPsec-Tools - http://ipsec-tools.sourceforge.net
> http://www.ipsec-howto.org/x304.html


RedHat is/was using this in their networking scripts.  I find it quite
easy to setup, however, this implementation supports a bit less than
openswan.

I've also used vpnc (http://www.unix-ag.uni-kl.de/~massar/vpnc/): a quite
convenient client when you need to quickly deploy a VPN client.
However, this client doesn't support tunnels with no user auth.

> Which of these are most appropriate to use these days?

If we are about to provide RHEL compatibility, then I'd suggest to go
with ipsec-tools .

About a month ago I tried all of the above on Owl with good results.

-- 
(GM)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.