On Fri, 21 May 2010, Dan McDonald wrote:
You're paiting too broad. That should read, "...which would handle XAUTH and MODE-CFG." We do IPsec and IKE without those extensions just fine, thank you very much.
It needs to handle both phases of negotiation. Can Solaris negotiate them? The cost of a router is small in comparison to the cost of a server. We have everything connected through IPSEC/IKE, all the routers and servers in a 1/2 rack are all securely connected to each other, it's a great design, IMO, which requires the client create a tunnel to connect.
-- Alan DuBoff - Software Orchestration http://www.softorchestra.com:8080/roller/blog/ _______________________________________________ security-discuss mailing list [email protected]
