Darrell, > Case in point is the FreeS/WAN project. There is a huge demand for > this. I have no doubt we will get this working. On our own this may > take longer then if Mitel assisted us,
We have already solved this issue. It is part of ServiceLink, and, having personally set up a good number of VPNs in the past, the implementation our developers created for establishing IPSEC VPNs is without a doubt one of the slickest and coolest implementations I have ever seen. We mention what you see in the server manager in the user manual at: http://www.e-smith.org/docs/manual/5.0/servicelink-vpn.html and a little bit more of general text at: http://www.e-smith.org/docs/manual/5.0/servicelink.html On the administration end, there is a simple configuration form at the NOC where the partner chooses one ServiceLink-enabled server as the primary server in the VPN, selects a checkbox next to each of the other servers that are to be in the VPN... and that is it. Within a short time (which can be manually sped up) all of the servers are linked in a secure VPN and are able to share information between servers. I have yet to see any tool that comes even *remotely* close to making IPSEC VPN setup as simple as what our developers have created. And we have customers now who are using ServiceLink to deploy IPSEC VPNs between numbers of their offices... and it is working tremendously well. But all of that development to make the solution so simple and solid did cost a whole lot of time and money (especially as we had to develop a separate codebase and be sure that it interacted with FreeS/WAN in ways that are compliant with the GPL (and it does - we take the GPL *very* seriously here - and license all of our non-ServiceLink code under the GPL))... and running a 24x7 redundant NOC to facilitate secure key exchange and interaction is *definitely* not cheap, so the simplicity comes at a price - the servers have to subscribe to ServiceLink. When they do, all works fantastically well. Simple. Easy. Secure. Reliable. Everything that folks have come to expect from us. Because we knew that not everyone using our product would become a ServiceLink subscriber, and because we want to support the open source developer community as much as possible, we included the FreeS/WAN RPMs with the base server product so that others can use them in other combinations and with other products. For folks that do not want to use ServiceLink, they are free to create IPSEC VPNs as I have seen folks working on doing here. We encourage that and I am sure many folks out there will do all sorts of things that we can not even imagine. That is the cool part about living in an open source world and I look forward to seeing all that evolves. And while I am sure some of our developers will help out when they can, if you do not see us spending a huge amount of developer cycles helping out with FreeS/WAN here on devinfo, it is because we have already solved the issue with a solution that totally rocks. My 2 cents, Dan -- Dan York, Director of Training, Network Server Solutions Group Mitel Networks Corporation [EMAIL PROTECTED] Ph: +1-613-751-4401 Cell: +1-613-263-4312 Fax: +1-613-564-7739 150 Metcalfe Street, Suite 1500, Ottawa,ON K2P 1P1 Canada http://www.e-smith.com/ http://www.mitel.com/sme/ -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
