VPN Server
Charles Steinkuehler
charles at steinkuehler.net
Thu Sep 19 18:41:42 CDT 2002
> I also installed Freeswan, while testing. It installed and runs
> fine, but does not support X509 certificates. Needs a kernel patch
> to gain this functionality, as I understand it. (See
> http://www.natecarlson.com/include/showpage.php?cat=linux&page=ipsec-x
> 509)
>
> Now, I'm not using RH7.3, so perhaps (ray of hope) the default RH
> Kernel now supports X509 out of the box?
The patches required for x.509 support do *NOT* modify the kernel, just
the user-mode code.
You might also want to check out Super FreeS/WAN...it's FreeS/WAN
patched for x.509, Notify/Delete SA, NAT Traversal, and additional
encryption algorithms. Info can be found here:
http://www.freeswan.ca/download.php
...various RPM's are available as well, if desired.
Charles Steinkuehler
charles at steinkuehler.net
More information about the Kclug
mailing list