Re: Big VPN

2004-03-03 Thread Jarosław Tabor
Hello! In a message of Tue, 02-03-2004, 22:57, Richard Atterer writes: Does each of these 100 LANs need to connect to *any* other LAN, or just to your LAN? Are the LANs real LANs or do you only want to connect single road warrior machines to your LAN? Generally I need possibility to

Re: Big VPN

2004-03-03 Thread Richard Atterer
On Wed, Mar 03, 2004 at 09:39:06AM +0100, Jarosław Tabor wrote: I don't know IPSec so good, so one question: if I will add new node (LAN), do I need to update configuration of all others about it? This is my biggest concern... I'm not so sure about this - anybody else? But I think it's

Re: Big VPN

2004-03-03 Thread Dariush Pietrzak
What is Racoon like in terms of configuration ease? I've used FreeSWAN and whilst it's not the easiest to set up, once you've got your head around it, it does make sense. Racoon makes sense from the start;) -- Dariush Pietrzak, Key fingerprint = 40D0 9FFB 9939 7320 8294 05E0 BCC7 02C4 75CC

Re: Big VPN

2004-03-03 Thread Richard Atterer
Hi, CCing the list again because other people might have cleverer ideas. I hope you don't mind, Jaroslaw. On Wed, Mar 03, 2004 at 11:36:27AM +0100, Jarosław Tabor wrote: That's OK. But what about routing? How to inform other nodes, about new subnet? I think, that this will require some kind

Re: Big VPN

2004-03-03 Thread Jarosław Tabor
In a message of Wed, 03-03-2004, 12:07, Richard Atterer writes: Later, when network number 42 has been set up to use 10.0.42.0/24, you only need to update the DNS entry of ipsec42.mydomain.net and all other LANs should be able to use it. (New IPSec links will be set up on demand once anyone

Re: Big VPN

2004-03-03 Thread Milan P. Stanic
On Wed, Mar 03, 2004 at 08:54:38AM +0100, Dariush Pietrzak wrote: FreeS/WAN is orphaned upstream. OpenSWAN is based on FreeS/WAN and as such it does not work with 2.6. That is untrue. 1.x branch works with 2.4.x kernels, 2.x branch works with 2.6.x Right! I shouldn't write mail at 01:25

Re: Big VPN

2004-03-03 Thread I.R. van Dongen
On Wed, 3 Mar 2004 12:07:23 +0100 Richard Atterer [EMAIL PROTECTED] wrote: Hi, CCing the list again because other people might have cleverer ideas. I hope you don't mind, Jaroslaw. On Wed, Mar 03, 2004 at 11:36:27AM +0100, Jarosław Tabor wrote: That's OK. But what about routing? How to

Re: Big VPN

2004-03-03 Thread J.H.M. Dassen (Ray)
On Wed, Mar 03, 2004 at 01:25:46 +0100, Milan P. Stanic wrote: FreeS/WAN is orphaned upstream. OpenSWAN is based on FreeS/WAN and as such it does not work with 2.6. For Kernel's 2.6.0 and higher, Openswan uses the built in IPsec support. Only the userland component of Openswan is required to

Re: Big VPN

2004-03-03 Thread Dariush Pietrzak
think an acceptable user-land alternative might be openvpn. I would I don't think openvpn would easily handle such large number of connections, it would be also a configuration nightmare. tinc was designed to handle such scenario, but I wouldn't use anything user-land for ~100 lans, no matter

Re: Big VPN

2004-03-03 Thread Dariush Pietrzak
FreeS/WAN is orphaned upstream. OpenSWAN is based on FreeS/WAN and as such it does not work with 2.6. That is untrue. 1.x branch works with 2.4.x kernels, 2.x branch works with 2.6.x -- Dariush Pietrzak, Key fingerprint = 40D0 9FFB 9939 7320 8294 05E0 BCC7 02C4 75CC 50D9

Re: Big VPN

2004-03-03 Thread Ronny Adsetts
Milan P. Stanic was heard to utter, at roughly 03/03/04 00:25: On Tue, Mar 02, 2004 at 03:37:52PM -0600, Jacques Normand wrote: On Tue, Mar 02, 2004 at 10:08:22PM +0100, J.H.M. Dassen (Ray) wrote: If you're looking for a VPN solution, by all means look at FreeS/WAN (or its likely successor,

Re: Big VPN

2004-03-02 Thread I.R. van Dongen
Jaroslaw Tabor wrote: Hi all! I know that this list isn't the best place to ask, but I'm reading this list for years. I hope You will forgive me :) I'm looking for good linux (debian of course) based solution for VPN connecting about 100 LANs. The solution should be stable, easy for

Re: Big VPN

2004-03-02 Thread J.H.M. Dassen (Ray)
On Tue, Mar 02, 2004 at 21:41:34 +0100, Jaroslaw Tabor wrote: I've reviewed freeswan and OE feature. This looks nice, but I'm afraid about security. If you're looking for a VPN solution, by all means look at FreeS/WAN (or its likely successor, OpenSWAN). Just forget about OE. OE isn't about

Re: Big VPN

2004-03-02 Thread Jacques Normand
On Tue, Mar 02, 2004 at 10:08:22PM +0100, J.H.M. Dassen (Ray) wrote: On Tue, Mar 02, 2004 at 21:41:34 +0100, Jaroslaw Tabor wrote: I've reviewed freeswan and OE feature. This looks nice, but I'm afraid about security. If you're looking for a VPN solution, by all means look at FreeS/WAN

Re: Big VPN

2004-03-02 Thread Richard Atterer
On Tue, Mar 02, 2004 at 10:00:58PM +0100, I.R. van Dongen wrote: You might want to check tinc (http://tinc.nl.linux.org) I strongly recommend *not* to use tinc. http://www.securityfocus.com/archive/1/249142 illustrates that the authors didn't have enough expertise to build a secure tool 2 years

Re: Big VPN

2004-03-02 Thread I.R. van Dongen
Richard Atterer wrote: On Tue, Mar 02, 2004 at 10:00:58PM +0100, I.R. van Dongen wrote: You might want to check tinc (http://tinc.nl.linux.org) I strongly recommend *not* to use tinc. http://www.securityfocus.com/archive/1/249142 illustrates that the authors didn't have enough expertise

Re: Big VPN

2004-03-02 Thread Jan Minar
On Wed, Mar 03, 2004 at 12:18:32AM +0100, I.R. van Dongen wrote: Richard Atterer wrote: On Tue, Mar 02, 2004 at 10:00:58PM +0100, I.R. van Dongen wrote: You might want to check tinc (http://tinc.nl.linux.org) I strongly recommend *not* to use tinc.

Re: Big VPN

2004-03-02 Thread Luca Filipozzi
On Wed, Mar 03, 2004 at 12:18:32AM +0100, I.R. van Dongen wrote: Richard Atterer wrote: On Tue, Mar 02, 2004 at 10:00:58PM +0100, I.R. van Dongen wrote: You might want to check tinc (http://tinc.nl.linux.org) I strongly recommend *not* to use tinc.

Re: Big VPN

2004-03-02 Thread Milan P. Stanic
On Tue, Mar 02, 2004 at 03:37:52PM -0600, Jacques Normand wrote: On Tue, Mar 02, 2004 at 10:08:22PM +0100, J.H.M. Dassen (Ray) wrote: If you're looking for a VPN solution, by all means look at FreeS/WAN (or its likely successor, OpenSWAN). Just forget about OE. OE isn't about the type of

Re: Big VPN

2004-03-02 Thread I.R. van Dongen
Jan Minar wrote: IMHO, the key words in Richard's posting are ``[not] enough expertise'', and ``a track record''. The idea that the [conceptual] flaws will be fixed in The Next Release [TM], although quite common amongst the people, is a mere instance of a proof by wishful thinking. Clueless

Re: Big VPN

2004-03-02 Thread Bernd Eckenfels
In article [EMAIL PROTECTED] you wrote: I'm personally in favour of an IPsec VPN using openbsd or linux 2.6. For a distributed Installation with up to 100 sites, I strongly recommend to go with a small SOHO Router appliance. Because they are easy to replace with UPS delivery, they are more

Re: Big VPN

2004-03-02 Thread Jan Minar
On Wed, Mar 03, 2004 at 01:33:17AM +0100, I.R. van Dongen wrote: Jan Minar wrote: IMHO, the key words in Richard's posting are ``[not] enough expertise'', and ``a track record''. The idea that the [conceptual] flaws will be fixed in The Next Release [TM], although quite common amongst the

Re: Big VPN

2004-03-02 Thread J.H.M. Dassen (Ray)
On Wed, Mar 03, 2004 at 01:25:46 +0100, Milan P. Stanic wrote: FreeS/WAN is orphaned upstream. OpenSWAN is based on FreeS/WAN and as such it does not work with 2.6. For Kernel's 2.6.0 and higher, Openswan uses the built in IPsec support. Only the userland component of Openswan is required to

Re: Big VPN

2004-03-02 Thread Dariush Pietrzak
think an acceptable user-land alternative might be openvpn. I would I don't think openvpn would easily handle such large number of connections, it would be also a configuration nightmare. tinc was designed to handle such scenario, but I wouldn't use anything user-land for ~100 lans, no matter

Re: Big VPN

2004-03-02 Thread Dariush Pietrzak
FreeS/WAN is orphaned upstream. OpenSWAN is based on FreeS/WAN and as such it does not work with 2.6. That is untrue. 1.x branch works with 2.4.x kernels, 2.x branch works with 2.6.x -- Dariush Pietrzak, Key fingerprint = 40D0 9FFB 9939 7320 8294 05E0 BCC7 02C4 75CC 50D9 -- To