On Wed, Nov 01, 2006 at 05:49:18PM -0800, Bryan Irvine wrote:
> I'm going to upgrading a couple of our firewalls soon and as part of
> the upgrade I will be implementing VPN between a couple of our sites.
>
> Does this page still apply: http://www.securityfocus.com/infocus/1859
Yes, although some additions have been made since (notably, AH works
too).
> Any pitfalls or changes I should watch out for?
Filtering IPsec traffic might take some experimentation to get right.
> These firewall are running CARP.
Don't forget sasyncd; it has gotten *much* better in 4.0.
Joachim
