On 2004 11 26 (Friday) 14:14, Vesselin Kolev wrote: > Doncho N. Gunchev wrote: > > > ÐÐÑÐÐÐÐÑÐ, > > ÐÐÑÐÑÐÑÑÐÐ ÐÐ ÐÐÐ ÐÐ ÐÐÐÐÑÑÐÐÐ ÐÐ ipsec over > > tcp (ÐÑÐ CISCO) > >ÐÐ Linux 2.6 Ð ÐÐÐÑÐÐÐÑÐÑÐÑ ÐÐ ÐÑÐÑÐÑÐ. > > ÐÐÐÐÐÐÐÑÑ ÐÑÐÐÐÐÑÐÑÐÐÐÐ. > > > > > > > ÐÑÐÐÐÐÑÑÑ Ð "ÐÐ" (ÐÐÐÐ ÐÐ Swan, ÐÐ ÑÑÐ ÑÐÐÑÑÐÐ, > ÑÐ ÑÐÐÐ ÐÐÐÐ Ð ÐÐ > "native" IPsec Ð 2.6). ÐÑÐÑÐÐÐÑÐ Ð, ÑÐ IPsec > ÑÐÐÐÐÐÐÑÐÑÑÐ Ð Linux ÑÐÐÐÐÐ > IETF ÐÐÐÑÐÐÐÑÐÑÐ ÐÐ ÑÐÐÐÑÐ IPsec Ð ÐÐ > ÑÑÐÐÑÐÐÑÑÐÐ ÑÑÐÐÐ ÑÐ ÐÐÐÐÐÐÐÐ UDP, > Ð ÐÐ TCP. ÐÐÐÐ SSL ÐÐÐÐÑÐÐÐÑÐ ÑÐÑÐÐÐÑ ÐÐ VPN > ÐÐÐÐÐÐÐÐÑ TCP ÐÐÑÐÐÐ > ÑÐÐÐÐÐÐÑÐÑÑÐ ÐÐ SSLv3, ÐÐ ÑÐÐÐ Ð ÐÐÐÐÑ ÐÑ IPsec. > > ÐÐ ÐÐ ÐÐÐÐÑÐÐ, ÑÐ ÑÑÐÐÑÐÐÑÑÐÐÑÐ ÑÑÐÐÐ ÑÐÐÐ > ÐÐ ÑÐÐÐ ÑÐ ÐÐÑÐ ÐÐ Ð IPsec, > ÐÐÑÐÑÐ ÐÑÐ ÐÐÑ ÐÑÐÐ AH. ÐÑ Ð ÐÐÐÐÑÐÐÐÑ, > ÐÐÐÑÐ ÑÐ ÐÐÐÐÐÐÐÐ ÐÐ ÐÑÐÐÐÑ ÐÑÐÐ > NAT (NAT Traversal) Ð ÐÑÐÑÐÐÐÑÐÑÐ ÐÐ ÐÑÐÐÐÐÐÑÐ > ÐÐÐÑÐÐÑÐÑ Ð IPsec ÐÐ > ÑÐÐÑÑÐÐÐÑÑÐÐÐÐ Ð ÐÐ ÐÐÐÑÐ ÑÑÑÐÐÐ > ÑÑÐÑÑÐÐÑÐ Ð ÐÐÐÑÐÐÐÐÐÐÑÐ ÐÐ ÑÐÐÑÑÐÐÑÐ > ÐÑÑÐÐÐ. > > ÐÐÐÐÑÐÐÐ > ÐÐÑÐ >
ÐÐÐÐÐÐÐÑÑ ÐÐ ÐÑÑÐÐÑ ÐÑÐÐÐÐÑ. ÐÐÐÐ Ð ÑÐÑÑÐÑ CISCO ÐÐÐÐÑÐÐ ÐÐ ÑÐ ÑÐÐÐÐÐÐ ÑÑÐÐÐÐÑÑÐ. ÐÐÐÐÑÑÐÐÐÐÑ ÐÑÐÐÐÑ, ÐÐÐÑÐ ÐÐÐÐÑÐÑ, ÑÐÐÐÐÐÐÐÐÑ ipsec over tcp Ð vpnc (http://www.unix-ag.uni-kl.de/~massar/vpnc/), Ð ÑÐÐ ÐÐÑÐ: Known Bugs / TODO * rekeying is not supported (default rekey-intervall is 8 hours) * certificate support (Pre-Shared-Key + XAUTH is known to be insecure!) * hybrid auth support * IPSec over TCP -- Regards, Doncho N. Gunchev Registered Linux User #291323 at counter.li.org GPG-Key-ID: 1024D/DA454F79 http://pgp.mit.edu Key fingerprint = 684F 688B C508 C609 0371 5E0F A089 CB15 DA45 4F79 ============================================================================ A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html ============================================================================