Re: [patch] novellvpn - vpn daemon for ipsec gateways

[Tim Niemueller <tim niemueller de>]

Haripriya S wrote:
> Hi Tim,
> 
> I think you have a valid point. But the reason why chose we call this novellvpn service is because it uses the Novell VPN client for talking to the gateways (similar to Cisco vpnc service using the Cisco VPN client). The Novell client supports (as of now) both the standard modes (X.509) for standard ipsec gateway support, and also supports an XAuth derivative (proprietary extensions) for talking to a Nortel contivity switch (will also support Novell BorderManager specific modes in the future). That's why we called it novellvpn service since the info we pass for the non-X.509 modes will not be usable by every ipsec client.

OK, so it seems that novellvpn is a front-end for ipsec-tools and
turnpike/Racoon and a bunch of related stuff? Is it OS? Is there a
project website for this besides the Wiki page?

X.509 support is on the vpnc todo. Could it be that adding this to vpnc
would make novellvpn a nortelvpn with later planned novellvpn extensions?

Maybe this calls for a method in NM to allow vpn-plugins to display more
than one name. This way the novellvpn could have entries in the list for
"IPSec VPN" and "Nortel VPN" and not just "Novell VPN" (which I'm pretty
sure no one would expect to be used for IPSec). So the semantic should
shift from naming the client to naming the type of VPN you can connect
to (since this is the interesting information to the user and not what
program is actually used to establish the connection). This may require
later some additional choice if there are multiple clients for a
specific VPN type (like vpnc and novellvpn for IPSec/XAuth).

	Tim

-- 
    Tim Niemueller <tim niemueller de>      www.niemueller.de
=================================================================
 Imagination is more important than knowledge. (Albert Einstein)