On Thursday 27 March 2003 04:10 am, Simon Chalk wrote: > 1) Do I need ipsec or ipsec509 for use with windows 2000 servers located on > each network.
As CS noted, this doesn't matter as long as both are gateways. x509 certs are much more difficult than RSA-keys IMHO. > 2) If I do need ipsec509, then I note that the current release of Bering > seems to have broken links to the ipsec509.lrp file. There are not seperate packages in the Bering-1.1 ipsec package. ipsec.lrp has all patches including x509 and NAT-transversal applied to it in /latest. > 3) Is there any further documentation on the setup of ipsec for a network > to network setup, particularily with setup of certificates. I started to go > through the Bering documentation (LEAF "Bering" user's guide), and > attempted to use the openssl, which is installed on my spare Mandrake 9.0 > box, but errors are generated when I try to run the following to setup a > certificate authority. The command to make a cert with OpenSSL is depreciated now IIRC. There was a post in the leaf-user archives that described the new command(s)/method for creating a cert, but I haven't used it personally. Current documentation for FreeS/WAN and OpenSSL will likely include instructions for creating certs as well. I agree with CS in that you will likely find it easier to use the Bering boxes as ipsec-gateways and authenticate with RSA keys. -- ~Lynn Avants Linux Embedded Appliance Firewall Developer http://leaf.sourceforge.net http://guitarlynn.homelinux.org:81 ------------------------------------------------------- This SF.net email is sponsored by: The Definitive IT and Networking Event. Be There! NetWorld+Interop Las Vegas 2003 -- Register today! http://ads.sourceforge.net/cgi-bin/redirect.pl?keyn0001en ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
