[Openswan Users]

Paul Wouters paul at xelerance.com
Wed May 10 16:11:20 CEST 2006


On Wed, 10 May 2006, Brian Candler wrote:

> Cisco have realised the weakness of this and subsequently designed an IKE
> "hybrid" mode, where the VPN concentrator authenticates itself to the client
> with a certificate, but the client authenticates itself back to the
> concentrator with a username/password. However I don't know what open-source
> implementations of this are available.

Wasn't that Checkpoint?
In the contrib/ directory are (old) hybrid mode patches. They will not get
applied to the openswan tree, because they break other things and we have
no server side implementation to test the functionality.

I would not recommend using it.

Paul
-- 
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155


More information about the Users mailing list