Firewall Wizards mailing list archives
Re: free s/wan (really interoperability)
From: Tina Bird <tbird () secnetgroup com>
Date: Tue, 05 Oct 1999 17:40:20 -0500
The ICSA performs interoperability tests between different vendors' versions of IPSec -- as I understand it, mostly in server-to-server mode, but with at least a few client-to-server tests as well. The test results are posted at http://www.icsa.net/services/products_cert/ipsec/certified_products.shtml As I understand it, a few of the free VPN products (notably FreeS/WAN and OpenBSD's IPSec) test against products which have succeeded in the interoperability tests, but I don't think they participate -- probably costs too much. [Although note that FreeS/WAN development lags the current state of IPSec, not to mention the current state of Linux -- it doesn't support certificate authorities unless something has changed very recently.] As of 9 September 1999, 12 vendors had one or more products certified. cheers -- Tina Bird At 01:23 PM 10/05/1999 -0500, R. DuFresne wrote:
On Tue, 5 Oct 1999, Joseph S D Yao wrote:Ron DuFresne had asked:Are there any VPN products that do not require the same setup on both ends to impliment? (i.e. VPN products that are cross-compatible with other products out there)There is IPsec VPN server software out there that is sold without a client - one is directed to several other companies that make IPsec clients. So it would seem that the answer, probably with some caveats, is, "yes." If you consider 'ssh' tunnels to be VPNs [you can do PPP through them], then there are also multiple implementations of 'ssh' and 'sshd'.Okay, I can see the point here with sshd and the various ssh implementations. But, I'm more looking at this from a slightly different perspective. free s/wan as I understand it requires another free s/wan box on the otherside of the connection. I'm trusting the same is the case with cisco's VPN solution<s> and most likely with FW1's implementation, as well as many of the other offerings. Are any as flexible or nearly as flexible in interoperability as the ssh/sshd implementations mentioned thus far? Thanks, Ron DuFresne -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior consultant: darkstar.sysinfo.com http://darkstar.sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too!
Current thread:
- free s/wan Siglite (Oct 04)
- Re: free s/wan R. DuFresne (Oct 05)
- Re: free s/wan Siglite (Oct 05)
- Re: free s/wan (really interoperability) Joseph S D Yao (Oct 05)
- Re: free s/wan (really interoperability) R. DuFresne (Oct 05)
- Message not available
- Re: free s/wan (really interoperability) Tina Bird (Oct 06)
- RE: free s/wan (really interoperability) Kurt Buff (Oct 12)
- Re: free s/wan R. DuFresne (Oct 05)
- <Possible follow-ups>
- Re: free s/wan Bill_Royds (Oct 06)