[Openswan Users] AH support
Paul Wouters
paul at xelerance.com
Wed Aug 10 01:13:06 CEST 2005
On Tue, 9 Aug 2005, Rick Porter wrote:
> I'm interested in using AH between devices in the "server closet." These
> were my instructions, so please don't lecture on how weak AH is compared
> to ESP. It appears that FreeSWAN dropped support for AH
> (http://www.freeswan.org/no_ah.html) in version 2.05 due to the inherent
> security concerns that code bloat introduces. Does the OpenSWAN still
> support AH?
Yes it does. Whoever wrote your instructions did not understand the gain
versus loss of using AH over ESP.
Paul
More information about the Users
mailing list