Re: Support for L2TP/IPsec



On Sun, 2008-05-25 at 20:19 +0900, David Smith wrote:
> Vincent Bernat <bernat luffy cx> writes:
> 
> > OoO En cette  aube naissante du dimanche 25 mai  2008, vers 07:10, David
> > Smith <dds google com> disait:
> >
> >> Vincent, in your setup is there a strong reason you are using openswan
> >> instead of strongswan? Please share.
> >
> > Hi David!
> >
> > I have not tried StrongSWAN, so I have no reason to use OpenSWAN instead
> > of StrongSWAN.
> 
> OK, could you please double-check that your configuration works with
> strongswan as well as openswan? I want to propose that we focus on one
> IKE implementation and considering the features available in strongswan,
> that it works with the most server implementations especially Windows
> 2003 and 2008 Server and that it supports smartcards the best make it a
> lead contender. Dan, what do you think of deciding on an IKE? Something
> like a bake-off?

It mostly depends on what the various distros will be willing to
package.  I don't have a strong preference since I know next to nothing
about either of them.  But if we "bless" one then we have to have a
pretty convincing story as to why we chose one over the other, so that
we can tell that story to distros when they start asking why they need
to package something else that has roughly the same functionality as
something they already have.

Is strongswan a fork of openswan?  If so, was openswan upstream
reluctant to take certain patches and thus the strongswan fork?  Is
there an intention to merge strongswan back into openswan in the future?
That sort of thing.  Unfortunately the politics matter to distros...

Dan



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]