On Thu, 2003-08-21 at 14:31, Benjamin wrote: > Jason Dixon <[EMAIL PROTECTED]> wrote:
> Yes, Windows XP includes IPsec support via the MMC/Security > plugins. > Unfortunately, it's a hideous mess to setup/maintain, IMHO. > Folks with > more experience running Windows XP's native IPsec support may > argue > otherwise, but that's why they're experts. ;-) For my money > ($99-$129), most 3rd party IPsec Windows clients are worth it. How about Linux to cisco? Hi, Benny. Please don't top-post. You shouldn't have any problems, but I'd imagine it depends on your setup and IPsec software. You didn't mention if you were talking endpoint-to-endpoint, host-to-endpoint, which was which, FreeSWAN or OpenVPN (or others), etc. From my experience, the Cisco client software works fine with FreeSWAN. I haven't tried Linux clients with Cisco gateways. The big drawback with FreeSWAN, IMHO, is that it only supports 3DES. No AES/Blowfish/etc. The native IPsec support in 2.5/2.6 looks much more promising. It appears to support all the major algorithms, not to mention automatic keying using an optional list of accepted algorithms. This looks much more like KAME (probably is), and should be on your short list of IPsec implementations if you're designing a new network. http://lartc.org/howto/lartc.ipsec.html -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
