OoO Peu avant le début de l'après-midi du dimanche 25 mai 2008, vers 13:19, David Smith <[EMAIL PROTECTED]> disait:
>> I have not tried StrongSWAN, so I have no reason to use OpenSWAN instead >> of StrongSWAN. > OK, could you please double-check that your configuration works with > strongswan as well as openswan? I want to propose that we focus on one > IKE implementation and considering the features available in strongswan, > that it works with the most server implementations especially Windows > 2003 and 2008 Server and that it supports smartcards the best make it a > lead contender. Hi David! I have just tested and the configuration that I posted here works fine with StrongSWAN (you just need to comment nhelpers directive). However, my VPN endpoint is OpenSWAN (which works fine with Windows and Mac OS X clients). I have no experience with Windows 2003/2008 as VPN server. And I cannot test smartcards stuff. StrongSWAN disables transport mode: 003 "XXXXXXX" #2: NAT-Traversal: Transport Mode not allowed due to security concerns -- using Tunnel mode I don't think that is something that should be remarked by the server. Therefore, there should be no problem. If you run into difficulties with StrongSWAN, here is another IKE implementation that don't need configuration files: http://www.shrew.net/?page=software However, I think that it won't support things like smartcards. -- No fortunes found _______________________________________________ NetworkManager-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/networkmanager-list
