Christians, Stefan Mr. wrote:
You might want to take a look at Trustix www.trustix.net for you VPN routers..We are just migrating our network from RHL 8.0 and 9 to Fedora Core 1.
Up to now we have had an IPSEC VPN by using FreeS/wan patches. Since we implemented the VPN, some things have changed:
1) The reasons we had for choosing IPSEC over CIPE turned out to be non-issues (all arguments we had for using IPSEC were never used, needed or implemented).
2) We have found all software not included in the standard distribution packages to cause maintenance nightmares. We have therefore decided that if a required functionality is included in the standard distribution, we will not use 3rd party solutions.
So now the big question for us is whether we should migrate our VPN routers to Fedora Core 1 and convert them to CIPE, or whether we should wait a few more months until the 2.6 kernel with integrated IPSEC is included in the standard distribution.
The key question here is whether CIPE will be maintained as a Fedora Package once the 3.6 kernel is distributed, or whether it will gradually be phased out. We want to avoid converting to CIPE now and then back to IPSEC again after a year.
Can any Fedora developer or strategist comment on this?
Its an application specific distro with a prime objective of security and based originally on RH.. It has the Freeswan rpms as part of the distro so they are maintained by the team.. Also does away with the packages that are not needed for servers or routers so a minimum install is only about 90MB compared to Fedora of 500+..
That way you don't have to abandon your knowledge of freeswan..
Later..
