On Thu, 27 Jan 2005 21:25:28 +0100, Manuel Kasper <mk at neon1 dot net> wrote:
> I haven't looked into using gif interfaces in conjunction with IPsec
> tunnels, but if anyone can propose a secure (resistant to spoofing)
> and interoperable (with other IPsec implementations) solution, that
> would be very interesting.
From my past experience with gif interfaces, interoperability presents
a huge problem. They have worked great between two FreeBSD boxes for
me in the past, but haven't worked at all with other (commercial)
IPsec devices. m0n0wall's current IPsec is interoperable with pretty
much anything that does standard IPsec.