Firewall Wizards mailing list archives
Re: Newbie VPN setup/configuration question
From: "Paul D. Robertson" <proberts () patriot net>
Date: Thu, 18 Jul 2002 08:19:11 -0400 (EDT)
On Wed, 17 Jul 2002, Tony Howlett wrote:
Kathy, Since the Sonicwall uses an IPSec VPN, it in theory possible to get some software based VPN software for the linux box that will interoperate, in reality, probably more trouble than it is worth. Sonicwall claims to be
"More trouble than it's worth" depends exactly on what trouble it's worth- and the interoperability is certainly more than theoretical.
compatible with some major brands such as Firewall1 and raptor but ive never tried to make this work. I seriously doubt if they will support any of the lower end consumer based firewalls or anything that runs on linux. Sorry to be the bearer of bad news but i work with Sonicwall alot
IPSec is a standard, and ICSA Labs does IPSec testing- which includes security testing *and* interoperability testing. SonicWALL is a tested/certified product, and therefore is able to interoperate with many other products. This is an independently verified fact[1]. In the Labs, SonicWALL was tested against ten other certified products, each of which has been tested against a larger number of products for interoperability. http://www.icsalabs.com/html/communities/ipsec/lab/notes/10b/Sonicwall_Pro200_6300.shtml
and they seem to only work with their own firewall VPN boxes. Just thought id save you alot of sweat and heartache
Now, with all that said, IPSec is a very difficult to understand protocol[2], and "will interoperate" doesn't mean "will interoperate seemlessly, or in every configuration." However, with support from the person who configured the device and potentially from the vendor, getting something to interoperate shouldn't be too challenging given the reference set SonicWALL is known to interoperate with. Please note the following disclaimers: I work for TruSecure. TruSecure owns ICSA Labs. SonicWALL is a customer of ICSA Labs. This list is hosted at ICSA Labs. I'm a list moderator for this list[3]. Paul [1] For this, of course you must believe in the objectivity of the Labs. Since I know and work with them, I certainly do. [2] It's bad enough that sometimes different products from the same vendor are a challenge, but our interoperability testing has made that significantly less of an issue over the last few years. [3] People are welcome to take issue with anything in this message either on or off list. ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions proberts () patriot net which may have no basis whatsoever in fact." probertson () trusecure com Director of Risk Assessment TruSecure Corporation _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Newbie VPN setup/configuration question Kathy Bieltz (Jul 17)
- Re: Newbie VPN setup/configuration question Tony Howlett (Jul 18)
- Re: Newbie VPN setup/configuration question Paul D. Robertson (Jul 18)
- Re: Newbie VPN setup/configuration question Dave Piscitello (Jul 18)
- Re: Newbie VPN setup/configuration question Tony Howlett (Jul 18)
- Re: Newbie VPN setup/configuration question Kathy Bieltz (Jul 18)
- Re: Newbie VPN setup/configuration question Tony Howlett (Jul 18)
- Re: Newbie VPN setup/configuration question Tony Howlett (Jul 18)
- Re: Newbie VPN setup/configuration question Devdas Bhagat (Jul 18)