[ previous ] [ next ] [ threads ]
 From:  Chris Buechler <cbuechler at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] IPSEC Site-to-site VPN firewall
 Date:  Thu, 27 Jan 2005 22:10:23 -0500
On Thu, 27 Jan 2005 21:25:28 +0100, Manuel Kasper <mk at neon1 dot net> wrote:
> I haven't looked into using gif interfaces in conjunction with IPsec
> tunnels, but if anyone can propose a secure (resistant to spoofing)
> and interoperable (with other IPsec implementations) solution, that
> would be very interesting.

From my past experience with gif interfaces, interoperability presents
a huge problem.  They have worked great between two FreeBSD boxes for
me in the past, but haven't worked at all with other (commercial)
IPsec devices.  m0n0wall's current IPsec is interoperable with pretty
much anything that does standard IPsec.