[Openswan Users] FYI: Novell NBM to Openswan Interop Instructions
Jacco de Leeuw
jacco2 at dds.nl
Fri Dec 3 14:46:08 CET 2004
Ken Bantoft wrote:
> Guarav Vaidya @ Novell has recently posted an interop guide for Novell
> Border Manager (NBM) to Openswan, using both PSK or X.509 Digital
> Certificates.
>
> http://www.novell.com/coolsolutions/bordermag/features/a_vpn_openswan_appnote.html
Looks like a fairly standard setup to me. (Which is great because that is
exactly what you should expect with open standards).
The reasoning behind some of the decisions is missing, however. Why these key
lifetimes? Why is MD5 used at some places and SHA-1 elsewhere? Does IPCOMP
work or should it be disabled due to incompatibilities? Why not keyingtries=0?
Does NAT-T work?
Nevertheless, kudos to Novell for supporting and sponsoring Openswan!
Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
More information about the Users
mailing list