Firewall Wizards mailing list archives
RE: free s/wan (really interoperability)
From: Ben Nagy <bnagy () cpms com au>
Date: Fri, 8 Oct 1999 15:52:33 +0930
Stuff inline
-----Original Message----- From: sean.kelly () lanston com [mailto:sean.kelly () lanston com] Sent: Wednesday, 6 October 1999 11:22 PM To: jsdy () cospo osis gov; dufresne () sysinfo com Cc: siglite () criticalstop com; firewall-wizards () nfr net Subject: RE: free s/wan (really interoperability)From: Joseph S D Yao [mailto:jsdy () cospo osis gov] Subject: Re: free s/wan (really interoperability) Ron DuFresne had asked:Are there any VPN products that do not require the samesetup on both endsto impliment? (i.e. VPN products that are cross-compatiblewith other products out there) There is IPsec VPN server software out there that is sold without a client - one is directed to several other companies that make IPsec clients. So it would seem that the answer, probably with some caveats, is, "yes."IPsec is rapidly gaining popularity. 3Com is about to release a NIC that implements 3DES and IPsec in hardware
Is this based on the new Intel chipset that was recently reported (among millions of other places) on slashdot? http://developer.intel.com/design/network/82559c.htm If so, the card implements a few of the madated IPSec ciphers in hardware, which helps offload processing from the OS IPSec engine. It doesn't actually grok IPSec itself. This is not to say that it's not pretty cool. -- it integrates with
Win2000's IPsec implementation which is supposed to be their new VPN solution (if this is true I'll be overjoyed -- MS will be actually conforming to an existing standard).
I don't know how well they conform, but IPSec is native in all the previews of W2K that I have played with, and I have had it working in various test setups. It's damn easy to use for LAN stuff, and seems to work OK with Cisco's IPSec gear.
Cisco is doing IPsec, there are IPsec implementations (clients at least) for FreeBSD, Linux, etc. If they conform to the standard, they should all be interoperable. PGPNet also uses IPsec.
And every person and their pet of choice. I thought I read somewhere about some body that did IPSec interop testing and offered to certify people's products? Can anyone remind me about this? Anyway, if so, you should be able to get any product that conforms and be fairly confident.
I think IPsec version 2 is in the works but it will be a while before apps are out that use it.
News to me. What's busted in IPSec "1"?
Sean
Cheers! -- Ben Nagy Network Consultant, CPM&S Group of Companies PGP Key ID: 0x1A86E304 Mobile: +61 414 411 520
Current thread:
- Re: free s/wan (really interoperability) Joseph S D Yao (Oct 05)
- <Possible follow-ups>
- RE: free s/wan (really interoperability) sean . kelly (Oct 06)
- RE: free s/wan (really interoperability) Ben Nagy (Oct 12)
- RE: free s/wan (really interoperability) sean . kelly (Oct 12)