[Openswan Users] FYI: Novell NBM to Openswan Interop Instructions

Jacco de Leeuw jacco2 at dds.nl
Fri Dec 3 14:46:08 CET 2004

Ken Bantoft wrote:

> Guarav Vaidya @ Novell has recently posted an interop guide for Novell
> Border Manager (NBM) to Openswan, using both PSK or X.509 Digital
> Certificates.
> http://www.novell.com/coolsolutions/bordermag/features/a_vpn_openswan_appnote.html

Looks like a fairly standard setup to me. (Which is great because that is
exactly what you should expect with open standards).

The reasoning behind some of the decisions is missing, however. Why these key
lifetimes? Why is MD5 used at some places and SHA-1 elsewhere? Does IPCOMP
work or should it be disabled due to incompatibilities? Why not keyingtries=0?
Does NAT-T work?

Nevertheless, kudos to Novell for supporting and sponsoring Openswan!

Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl

More information about the Users mailing list