AW: [Voyage-linux] Question regarding OpenSWAN, FreeSWAN, or racoon

Hofer, Hermann (spam-protected)
Mon Apr 24 16:19:30 HKT 2006 

Hello,

we are using OpenVPN and OpenSwan with voyage 0.2. We don't like the included IPSEC-Support in Kernel 2.6 because of the extra interfaces OpenSwan provides for easier firewalling.

For OpenVPN we use the normal package Debian provides, nothing spezial is needed (we use it for bridging). For OpenSwan we patch the voyage kernel-source with the actual openswan-2.4.5 (older versions doesn't support an 2.6.15 kernel), disable internal ipsec support and compile the OpenSwan programs. At the moment I am looking into making a debain package, but time is small.

If there are any questions feel free and ask.


Mit freundlichen Grüßen
 Hermann Hofer

---
AHS Netzwerktechnik GmbH

-----Ursprüngliche Nachricht-----
Von: voyage-linux-bounces+h.hofer=ahsnet.de at list.voyage.hk [mailto:voyage-linux-bounces+h.hofer=ahsnet.de at list.voyage.hk] Im Auftrag von Kim-man "Punky" TSE
Gesendet: Montag, 24. April 2006 03:24
An: jdb at beetelecom.net; voyage-linux at voyage.hk
Betreff: Re: [Voyage-linux] Question regarding OpenSWAN, FreeSWAN, or racoon

Hi John,

I did not tested the openswan in voyage, but I have already enabled some 
kernel modules to support OpenSWAN.  I heard that 2.6 kernel (or only in 
debian favour) have included IPSEC support. 

If I were wrong, then let me know how to get it supported, I am willing 
to include any patches in the kernel by request. 

I think there are some users using openvpn . If anyone has experience in 
using VPN in voyage, please share your experience as well. 

Punky

John D. Bickle wrote:
> Hi Everyone.
>
> I've been using pebble for a while, and want to make the move to voyage
> (good work, everyone!)
>
> However, i have a question about what you think would be the best VPN
> strategy.
>
> Using pebble, what i did was download the debian packages for freeswan and
> i ported that to pebble by recompiling a custom kernel with the necessary
> modules. I'd prefer not to do that again, if i can avoid it.
>
> Also FreeSWAN, to the best of my knowledge, is no longer supported. What
> do you think would be the best strategy for having good VPN software for
> voyage? should i use OpenSWAN, or perhaps a combination of a custom kernel
> and use racoon for key exchange? Does anyone have any plans for putting a
> standard IPSEC package in voyage?
>
> any advice or help you can give me with this would be very much appreciated.
>
> cheers,
> john.
>
>
> _______________________________________________
> Voyage-linux mailing list
> Voyage-linux at list.voyage.hk
> http://list.voyage.hk/mailman/listinfo/voyage-linux
>   


-- 
Regards,
Punky
P U N K N ! X  . c o m
Technology + Lifestyle
(http://www.punknix.com)

Voyage Linux
(http://www.voyage.hk/software/voyage.html)



_______________________________________________
Voyage-linux mailing list
Voyage-linux at list.voyage.hk
http://list.voyage.hk/mailman/listinfo/voyage-linux

More information about the Voyage-linux mailing list