On 10 Apr 2001 09:43:08 -0700, Dicu Silviu wrote:
>
> authentificarea la remote connections la un radius sau
> tacas, cum faci chestia la un linux cu pptp sau
> freeswan !??!
Momentan nu poti, dintr-un motiv destul de rezonabil:
Does FreeS/WAN support Radius or other user authentication?
Not yet. So far, there is no standard way to authenticate users for
IPSEC, though there is a very active IETF working group looking at the
problem, and several vendors have implemented various things already.
In the absence of a standard, user authentication has not been a
priority for the FreeS/WAN team, and is unlikely to become one. This
would be a good project for a volunteer, perhaps a staff member or
contractor at some company that needs the feature. Certainly our team
would co-operate with such an effort; we just don't have time to do it.
Of course, there are various ways to avoid any requirement for user
authentication in IPSEC. Consider the situation where road warriors
build IPSEC tunnels to your office net and you are considering requiring
user authentication during tunnel negotiation. Alternatives include:
* If you can trust the road warrior machines, then set them up so
that only authorised users can create tunnels. If your road warriors use
laptops, consider the possibility of theft.
* If the tunnel only provides access to particular servers and you
can trust those servers, then set the servers up to require user
authentication.
If either of those is trustworthy, it is not clear that you need user
authentication in IPSEC.
Citat din
http://www.freeswan.org/freeswan_trees/freeswan-1.9/doc/faq.html#Radius
--
Florin Andrei
---
Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to
unsubscribe from this list.
