Re: [Users] ... only secure communication

On 03/27/2003 09:32 AM, Pavel Chvalkovský wrote:
>
> Is it possible to configure FreeS/WAN to allow connections from

Definitely it can. I've been doing this for years.

> when it doesn't support this security feature?

Please refer to

   http://www.monmouth.com/~jsd/vpn/ipsec+routing/cns.htm

In particular the part where it says:

      Some people say FreeS/WAN "doesn't support" inbound
      policy checking. Well, maybe, but remember that
      supported/unsupported does not mean the same thing as
      mandatory/recommended/deprecated/forbidden.
      FreeS/WAN does not "support" awk, but it is mandatory.
      You must provide awk on your own, or FreeS/WAN won't run.
      Similarly, FreeS/WAN won't do your inbound policy
      checking or other unbadness checks, but it is strongly
      recommended that you do it on your own. You can do this
      using the plain old packet-filtering mechanism. Writing the
      code to do this is laborious and slightly tricky. You need a
      first loop over all devices allowing good things to happen,
      and then you need a second loop over all devices
      disallowing everything else. You can't do it using just one
      loop (except in the simplest cases).

> Can I di it with PSK?

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related lists.freeswan.org Links 1998-fall 1998-spring 1998-summer 1998-winter 1999-winter announce briefs bugs design freeswan-list hipsec ietf-sectest users users-admin Request more information about Pantek

You could, but you would almost certainly be better off using RSA.