Dave Harrison wrote:
Hi all,
I'm interested in using NAT-T for a VPN connection on Debian. However the FreeSWan packages appear to be broken currently, and since that would mean I'd have to compile FreeSWan by hand with a NAT-T patch, it has inclined me towards looking at active developments such as OpenSWan and StrongSWan that support NAT-T already, and are ongoing projects.
Can anyone give me feedback on their experiences with either of these
projects ?
FreeSwan has terminated and forked into two projects of which OpenSwan is one.
However, for my VPN I use OpenVPN: [EMAIL PROTECTED]:~$ apt-cache show openvpn Package: openvpn Priority: optional Section: net Installed-Size: 452 Maintainer: Alberto Gonzalez Iniesta <[EMAIL PROTECTED]> Architecture: i386 Version: 1.6.0-4 Depends: debconf, libc6 (>= 2.3.2.ds1-4), liblzo1, libssl0.9.7 Filename: pool/main/o/openvpn/openvpn_1.6.0-4_i386.deb Size: 166618 MD5sum: 56fe11b5eeca669993226c71fa595015 Description: Virtual Private Network daemon An application to securely tunnel IP networks over a single UDP port, with support for TLS-based session authentication and key exchange, packet encryption, packet authentication, and packet compression.
[EMAIL PROTECTED]:~$
It's pretty easy to set up, gets along well with firewalls: it communicates with UDP. Currently I use it on RHL 7.3 (which is the firewall), on Sarge inside a Billion firewall, Woody ditto, and Woody whch is the firewall, oh, and Sarge which is the firewall.
OpenVPN does dynamic compression, encryption and has clients for (at least) Linux and OSX.
--
Cheers John
-- spambait [EMAIL PROTECTED] [EMAIL PROTECTED] Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
