Bug 116374
Summary: | rfe: consider upgrading to 0.2.4 | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Kaj J. Niemi <kajtzu> | ||||||
Component: | ipsec-tools | Assignee: | Bill Nottingham <notting> | ||||||
Status: | CLOSED RAWHIDE | QA Contact: | |||||||
Severity: | medium | Docs Contact: | |||||||
Priority: | medium | ||||||||
Version: | rawhide | CC: | rvokal | ||||||
Target Milestone: | --- | Keywords: | FutureFeature | ||||||
Target Release: | --- | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | Doc Type: | Enhancement | |||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2004-02-27 23:11:43 UTC | Type: | --- | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Attachments: |
|
Description
Kaj J. Niemi
2004-02-20 17:01:54 UTC
Created attachment 97865 [details]
patch to ipsec-tools.spec from version 0.2.2-8 to 0.2.4
Created attachment 97867 [details]
Patch to fix racoon destination also install racoonctl
Woops. Just discovered 80 unread messages in ipsec-tools-devel. Will look at this this week or next. Note that there's also the consideration of shipping openswan. This is just IMHO and applies to all vpn software on linux. From a business/road warrior perspective the clients are of low use unless they support NAT (Port) Traversal, DPD, integration with one's IGP, authentication from somewhere else than racoon.conf. IPSec over udp or tcp would be a nice to have as well. There was a set of patches to Free/SWAN attempting to nat traversal, afaik. I've preferred KAME over Free/SWAN for server to server connections where there is no NATting between and no ACLs filtering out isakmp/udp and protocols ESP/AH. It works great on FreeBSD and works pretty nice on Linux, too. The Cisco VPN Client is a nice example of a working VPN client. It doesn't come with full source nor is it free (licenses are usually included with the VPN Concentrator, the PIX or IOS Easy VPN) but it really does work everywhere. Someone ought to kick them to make the client work again with kernel 2.6.2 and up. Getting back to the topic.. Is CIPE going to stay, too? Openswan had DPD in their roadmap along with NAT-T, I vote go for it ;-) I'll go ahead and close this as 0.2.4 is in rawhide. Thanks. |