... darkrealms ...

Forums before death by AOL, social media and spammers... "We can't have nice things"

comp.dcom.vpn

VPN protocols, clients, awesomeness

2,348 messages

[ << oldest | < older | list | newer > | newest >> ]

Message 1,545 of 2,348

Stephen J. Bevan to Rocco

Re: VPN client for linux without compili

25 Mar 05 16:50:07

   XPost: comp.os.linux.networking   
   From: stephen@dino.dnsalias.com   
      
   googlegroups@gmx.de (Rocco) writes:   
   > You're right, the 2.6er kernel already supports IPsec, but as I read   
   > in a documentation of ipsec-tools/racoon it's neccessary to re-compile   
   > it to enable IPsec because it's disabled by default.   
      
   I don't know about all 2.6 based releases but in SUSE 9.2 the kernel   
   has native IPsec compiled into it by default and one can install two   
   different user-level IPsec interfaces with YAST, ipsec-tools or   
   OpenS/WAN, without re-compiling anything.   
      
   > We use machine-based certificates for authentication. There are two   
   > certificates installed on each PC - one root-certificate which users   
   > download on our website, and one machine-certificate which they have   
   > to request via a formular on our website. And that leads to the next   
   > problem - this "automated certificate setup" works only with I-Ex and   
   > Active-X, but to this later...   
      
   Certificate based authentication works with either Racoon or OpenS/WAN   
   so that should not be a problem.   
      
   L2TP still might be a deal breaker.  You can read all about how it can   
   be made to work at ,   
   though some of the hoops one has to jump through to make it work may   
   not be feasible in your setup.   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)

[ << oldest | < older | list | newer > | newest >> ]