Re: Future of VPN: CIPE or IPSEC?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Christians, Stefan Mr. wrote:

We are just migrating our network from RHL 8.0 and 9 to Fedora Core 1.

Up to now we have had an IPSEC VPN by using FreeS/wan patches. Since we
implemented the VPN, some things have changed:

1) The reasons we had for choosing IPSEC over CIPE turned out to be
non-issues (all arguments we had for using IPSEC were never used, needed
or implemented).

2) We have found all software not included in the standard distribution
packages to cause maintenance nightmares. We have therefore decided that
if a required functionality is included in the standard distribution, we
will not use 3rd party solutions.


So now the big question for us is whether we should migrate our VPN routers to Fedora Core 1 and convert them to CIPE, or whether we should wait a few more months until the 2.6 kernel with integrated IPSEC is included in the standard distribution.

The key question here is whether CIPE will be maintained as a Fedora
Package once the 3.6 kernel is distributed, or whether it will gradually
be phased out. We want to avoid converting to CIPE now and then back to
IPSEC again after a year.

Can any Fedora developer or strategist comment on this?




You might want to take a look at Trustix www.trustix.net for you VPN routers..

Its an application specific distro with a prime objective of security and based originally on RH.. It has the Freeswan rpms as part of the distro so they are maintained by the team.. Also does away with the packages that are not needed for servers or routers so a minimum install is only about 90MB compared to Fedora of 500+..

That way you don't have to abandon your knowledge of freeswan..

Later..




[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux