Re: Support for L2TP/IPsec

From: Dan Williams <dcbw redhat com>
To: Vincent Bernat <bernat luffy cx>
Cc: networkmanager-list gnome org
Subject: Re: Support for L2TP/IPsec
Date: Fri, 23 May 2008 17:19:38 -0400

On Fri, 2008-05-23 at 21:32 +0200, Vincent Bernat wrote:
> OoO  En ce  début de  soirée du  vendredi 23  mai 2008,  vers  21:29, je
> disais:
> 
> >> Well, this would be a bit difficult. There others IKE daemon that may be
> >> configured this way:
> >> - isakmpd from OpenBSD accepts  to be enterily configured using a named
> >> pipe
> >> - iked from  Shrew Soft VPN client has an IKE  daemon that also accepts
> >> to be configured in a similar way
> 
> > Another thing to  know about those IKE daemons is that  only one can run
> > on the system.  Therefore, contrary to PPTP, we cannot  just spawn a new
> > one  for each  connection. The  same IKE  daemon can  handle  many IPsec
> > tunnels.
> 
> Oh, and this  is the same problem for xl2tpd: UDP  packets are from port
> 1701 to port 1701. So, only one daemon for the whole system.

That's just evil.  But, since we only support one VPN connection anyway
right now, not that big of a deal.  I'd like to change that in the
future though...

Dan

References:
- Support for L2TP/IPsec
  - From: Vincent Bernat
- Re: Support for L2TP/IPsec
  - From: Dan Williams
- Re: Support for L2TP/IPsec
  - From: Vincent Bernat
- Re: Support for L2TP/IPsec
  - From: Vincent Bernat
- Re: Support for L2TP/IPsec
  - From: Vincent Bernat

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]