Re: [m0n0wall] IPSEC Site-to-site VPN firewall

From:	Chris Buechler <cbuechler at gmail dot com>
To:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] IPSEC Site-to-site VPN firewall
Date:	Thu, 27 Jan 2005 22:10:23 -0500

On Thu, 27 Jan 2005 21:25:28 +0100, Manuel Kasper <mk at neon1 dot net> wrote:
> 
> I haven't looked into using gif interfaces in conjunction with IPsec
> tunnels, but if anyone can propose a secure (resistant to spoofing)
> and interoperable (with other IPsec implementations) solution, that
> would be very interesting.
> 

From my past experience with gif interfaces, interoperability presents
a huge problem.  They have worked great between two FreeBSD boxes for
me in the past, but haven't worked at all with other (commercial)
IPsec devices.  m0n0wall's current IPsec is interoperable with pretty
much anything that does standard IPsec.

-Chris