> Does anyone know the status of Linux VPN? Will it talk to a
> CheckPoint Firewall-1 firewall?
I did a little googling and came up with this:
> There's a Checkpoint-to-FreeS/WAN Howto at;
> http://kubarb.phsx.ukans.edu/~tbird/vpn.html
As the various VPN howtos explain, there are various tunneling
schemes. IpSec (caps?) is the standard promoted by the IETF,
and used by Cisco and obviously checkpoint.
Freeswan is the Free Software version.
Some points about freeswan:
* it generally means patching and compiling the kernel (apparantly
not SuSE - don't kow about various international distros). This
is not incredibly difficult, as one of the freeswan
make options basically does everything for you bar pushing the reset
button.
* there is a fair bit of doco you have to read. This is fair
enough, because there is a lot to know.
* the stock standard freeswan won't do DES. This is only
important because older equipment (i.e. the router at the other
end you may have to work with) may not do the recommended 3DES.
Cisco, for example, couldn't export 3DES till this year. (AFAIK).
The patch to freeswan to do DES is around. (It is actually in there,
you patch it to enable it).
The nice thing about freeswan is that you can run it on
a Linux box acting as a firewall / router, and have complete
LAN - LAN connectivity. The various Windows clients will probably only
give you one machine to remote connectivity.
Jamie
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
