My posts seem to keep getting rejected by the list server. Hopefully this one will work.
I have run into a huge problem with ipsec.lrp which is preventing an enterprise-wide deployment of Bering 1.2 with ipsec. I believe the problem would also exist with the uClibc distro as well, although I have not tested it since I do not have a Bering uClibc installation to test on. The problem is as follows: Super FreeS/WAN 1.99.6.2, on which the Bering 1.2 ipsec.lrp is based, has a known problem which prevents the use of wildcards in Distinguished Names inside ipsec.conf to specify client ids (rightid, leftid). This is pretty much a requirement when deploying in an enterprise since you want to identify available tunnels according to functional groups of people (i.e. sales has one tunnel, development a second, etc.). See http://lists.virus.org/freeswan-0305/msg00774.html for a complete discussion of the problem. The offending version of the X.509 patch which is included in SFS 1.99.6.2 is X.509 0.9.28. This problem is fixed with X.509 0.9.30, which is rolled into Super FreeS/WAN 1.99.7.2. Could some kind soul (Jacques perhaps?) please build a new ipsec.lrp with the latest Super FreeS/WAN release so that this problem can be fixed in Bering? I know that building ipsec.lrp is non-trivial and I would be greatly indebted to anyone who builds and releases the new package. -- ____________________________________________________________ Muiz Motani Intelligent Distribution 72-6800 Lynas Lane, Richmond, B.C. V7C 5E2 email: [EMAIL PROTECTED] phone: +1 604 448 9293 fax: +1 604 448 9296 ------------------------------------------------------- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
