Re: [patch] novellvpn - vpn daemon for ipsec gateways



We discussed this, and Tim's suggestion makes sense to us. So, initially
we thought we will rename the patch from novellvpn to ipsecvpn (to
signify that it is based on ipsec-tools and also that it is an ipsec
VPN), and the UI will take care of allowing specific gateway type
selection. Later we can probably work with other vpn-daemon developers
to do what Tim suggested - name the vpn services based on the type of
vpn + type of gateway, and allow registration of NM VPN daemons code to
support specific types of VPN and gateway types.

So, we will modify the patch and resend as ipsecvpn.

Regarding the question on turnpike - yes, turnpike is a collection of
client-side UI tools and a framework for extending racoon for specific
gateway support. turnpike is OSS and available at 
http://forge.novell.com/modules/xfmod/project/?turnpike
 
Thanks and Regards,
Haripriya
 
>>> Tim Niemueller <tim niemueller de> 01/17/06 3:01 pm >>> 
Haripriya S wrote:
> Hi Tim,
> 
> I think you have a valid point. But the reason why we chose to call this
> novellvpn service is because it uses the Novell VPN client for talking
> to the gateways (similar to Cisco vpnc service using the Cisco VPN
> client). The Novell client supports (as of now) both the standard modes
> (X.509) for standard ipsec gateway support, and also supports an XAuth
> derivative (proprietary extensions) for talking to a Nortel contivity
> switch (will also support Novell BorderManager specific modes in the
> future). That's why we called it novellvpn service since the info we
> pass for the non-X.509 modes will not be usable by every ipsec client.

OK, so it seems that novellvpn is a front-end for ipsec-tools and
turnpike/Racoon and a bunch of related stuff? Is it OS? Is there a
project website for this besides the Wiki page?

X.509 support is on the vpnc todo. Could it be that adding this to vpnc
would make novellvpn a nortelvpn with later planned novellvpn
extensions?

Maybe this calls for a method in NM to allow vpn-plugins to display more
than one name. This way the novellvpn could have entries in the list for
"IPSec VPN" and "Nortel VPN" and not just "Novell VPN" (which I'm pretty
sure no one would expect to be used for IPSec). So the semantic should
shift from naming the client to naming the type of VPN you can connect
to (since this is the interesting information to the user and not what
program is actually used to establish the connection). This may require
later some additional choice if there are multiple clients for a
specific VPN type (like vpnc and novellvpn for IPSec/XAuth).

	Tim

--  
    Tim Niemueller <tim niemueller de>      www.niemueller.de
=================================================================
 Imagination is more important than knowledge. (Albert Einstein)
