Hi,
>From www.netgear.com I got these specs of your netgear router:
***
VPN Functionality: SEight (8) dedicated BPN tunnels, Manual dey and IKE
Security Association (SA) assignment, 56-bit (DES) or 168-bit (3DES) IPsec
encryption algorithm, MD5 or SHA-1 authentication algorithm, pre-shared key,
perfect forward secrecy (Diffie-Helman and Oakley client support), key life
and IKE lifetime time settings, prevent replay attack, remote access VPN
(client-to-site), site-to-site VPN, IPSec NAT traversal (VPN pass-through).
***
3DES, MD5, SHA-1, are all supported. Maybe I''m wrong, but I
don''t see why it
wouldn''t be possible with Shorewall + FreeS/WAN
The Shorewall IPSEC site-to-site tunnel setup guide can be found here:
http://www.shorewall.net/IPSEC.htm
And don''t forget to install and configure FreeS/WAN
(http://www.freeswan.org)
Niels.
-----Original Message-----
From: Jan Johansson [mailto:jan.johansson@nwl.se]
Sent: 23 September 2002 14:22
To: shorewall-users@shorewall.net
Subject: [Shorewall-users] IPSec recommendations.
Before i take the easy way out, i would like some opinions.
A couple of weeks from now, our office will be using Shorewall... Well,
atleast for a year or so until we are forced to purchase a NetScreen outfit
to comply with the "Motherships" requirement for acceptans into the
global
WAN.. Anyhow..
We need some sort of VPN from a remote location that houses about 5 systems.
The remote site is using ADSL, so i figured i would deploy something like a
NetGear FVS318GE VPN router there. How much hassle would it be to make our
Shorewall box act as a IPSec server, and grant access for the remote clients
into our DMZ and LOC zones? Or am i beffer off just buying two 318''s
and
using another of our external IP''s for that purpose?
IPSec is confusing to me.