April 23rd, 2005

Openswan

I have several entries to write: one flaming about Openswan, one about eventual conclusions for clothes matching and one on general state of life/moving into apartment. The Openswan entrie requires the least new thought and I'm getting tired so I'll write it now.


So, at new apartment, I need a tunnel so I can have static IPs. I have a colo box and it has a /29 for my use.
Collapse )
Collapse )
Collapse )
Linux is sadly not really that far behind in the IPsec world. The only thing that is Linux-specific is that there are a lot of options to choose from. As far as I can tell all the operating systems I've tried to get IPsec working on—AIX, Cisco IOS, NetBSD—are about as complicated. My conclusion is that I'll keep using IPsec since I've got it working. However my needs would have been more easily met by an IPIP tunnel and some mechanism to deal with mobility. No, for my next project I will *not* get Mobile IP working.