Press release for version 1.0
FreeS/WAN 1.0 press
FreeS/WAN 1.1 press
Windows 2000
Kernels other than 2.0.38 and 2.2.14
Other 2.0.x Intel Kernels
2.2 and 2.3 Kernels
Kernels other than 2.0.38 and 2.2.14
2.2 and 2.3 Kernels
40-bits is laughably weak
SuSE Linux 5.3
IP version 6 (IPng)
SuSE 6.3 and 6.4
SuSE 6.3 and 6.4
Alpha 64-bit processors
PGP 6.5 Mac and Windows IPSEC Client, PGPnet
Pluto error "no acceptable transform" message
Xedia Access Point/QVPN
stall and test a kernel before adding FreeS/WAN
Add-ons and patches for FreeS/WAN
Road Warrior with virtual IP address
RSA example with static IP addresses
Advanced routing
Advantages of IPSEC
Advantages of public key methods
AES in IPSEC
Swan: Securing the Internet against Wiretapping
The Authentication Header (AH)
IPSEC Services, AH and ESP
Alpha 64-bit processors
Alternatives to DES
Analysis and critiques of IPSEC protocols
Applied FreeS/WAN
Other approaches to VPNs for Linux
Archives of the project mailing list
Archives of the project mailing list
Help spread IPSEC around
The Wassenaar Arrangement
Frequently Asked Question (FAQ) documents
The firewall ate my packets!
ssary" encryption to frustrate attackers
Using RSA signatures for authentication
The Authentication Header (AH)
Encryption without authentication is dangerous
Authentication methods for auto-keying
Using authentication without encryption
h ipsec manual before going to auto
lly keyed connection works and auto doesn't
Authentication methods for auto-keying
Testing Automatic connections
Automatic keying
Manual vs. automatic keying
Information available on your system
Background information on IP
Basic and tutorial Linux information
Basic protocols
Basics
Nortel (Bay Networks) Contivity switch
Install and test a kernel before adding FreeS/WAN
Test with ipsec manual before going to auto
Before starting the install
Testing between security gateways
Multiple tunnels between the same two gateways
Bibliography for the Linux FreeS/WAN project
Boot Time
Setting up connections at boot time
Borderware
Spooks may break DES faster yet
Networks break DES in a few weeks
Dedicated hardware breaks DES in a few days
IPSEC for BSD Unix
Building the software
What's in the RFCs.tar.gz bundle?
Small packets work, but large transfers fail
What You Can Do
Document CDs
Change Time
Checkpoint Firewall-1
Choosing a kernel
Choosing your connection types
Cisco Routers
PGP 6.5 Mac and Windows IPSEC Client, PGPnet
Related Linux code
Collections of crypto links
The ipsec(8) command
Commands
Linux FreeS/WAN compatibility Guide
Computer and network security
Kernel configuration
Linux FreeS/WAN Configuration
Linux FreeS/WAN configuration file
Configuration files
Configuration for a testbed network
Configuring the kernel yourself
Types of connection
Types of connection
Setting up various types of connection
Connection defaults
Editing a connection description
Pluto key and connection management daemon
Connection names in Pluto error messages
Choosing your connection types
If a manually keyed connection works and auto doesn't
Dropped connections
Testing Automatic connections
Setting up connections at boot time
If manually keyed connections don't work
Editing connections in ipsec.conf(5)
Nortel (Bay Networks) Contivity switch
US contributions to FreeS/WAN
License and copyright information
Corel Netwinder (StrongARM CPU)
Things FreeS/WAN uses or could use
Press coverage of Linux FreeS/WAN:
Corel Netwinder (StrongARM CPU)
CPUs other than Intel
Setting up a secure tunnel to create a VPN
Creating keys with ranbits
Analysis and critiques of IPSEC protocols
Crypto and security links
Crypto and security resources
Crypto and security standards
Surveys of crypto law
Collections of crypto links
Other information on crypto policy
Organisations opposing crypto restrictions
t's wrong with restrictions on cryptography
Cryptography Export Laws
Cryptography law and policy
Lists of online cryptography papers
Cryptography technical information
Current status
Currently Implemented Methods
The Pluto daemon
key and connection management daemon
tion without authentication is dangerous
d hardware breaks DES in a few days
Debian
Debugging on Debian
ifconfig reports for KLIPS debugging
Debugging on Debian
Dedicated hardware breaks DES in a few days
Connection defaults
Definitions
Deployment of IPSEC
We disable DES
Alternatives to DES
Systems that want to use DES
Spooks may break DES faster yet
Dedicated hardware breaks DES in a few days
Networks break DES in a few weeks
DES is Not Secure
Editing a connection description
Details of various things used
ns on IPSEC Using FreeS/WAN in different ways
Top directory
We disable DES
The RFCs.tar.gz Distribution File
Distribution Roadmap What's Where in Linux FreeS/WAN
Distribution sites
Distribution text files
Distributions including FreeS/WAN
Intel Linux distributions other than Redhat
Key exchange using DNS
Putting public keys in DNS
RFCs for secure DNS service, which IPSEC may use
What You Can Do
Sections of this document
Document CDs
Documentation
Printed documentation
Linux Documentation Project
Our HTML documents
RFCs and other reference documents
blished test results and HowTo documents
requently Asked Question (FAQ) documents
Documents from outside the FreeS/WAN team
IPSEC overview documents or slide sets
Other documents with web links
eyed connection works and auto doesn't
Yellow Dog Linux on Power PC
Doing it step-by-step
If manually keyed connections don't work
Internet Drafts
er sources for RFCs & Internet drafts
Dropped connections
Dropped packets
Dynamic Network Interfaces
ECONNREFUSED error message
Editing a connection description
Editing connections in ipsec.conf(5)
Encapsulated Security Payload (ESP)
Using authentication without encryption
Using "unnecessary" encryption to frustrate attackers
Encryption without authentication is dangerous
Server end
Road Warrior end
mation in languages other than English
ECONNREFUSED error message
Connection names in Pluto error messages
Pluto error "no acceptable transform" message
IPSEC Services, AH and ESP
Encapsulated Security Payload (ESP)
Road Warrior example
Our example network
RSA example with static IP addresses
RSA signature examples
IKE (Internet Key Exchange)
Unauthenticated key exchange
Key exchange using a PKI
Key exchange using DNS
RFCs labelled "experimental"
Cryptography Export Laws
Export status of Linux FreeS/WAN
Extruded Subnets
kets work, but large transfers fail
Frequently Asked Question (FAQ) documents
Spooks may break DES faster yet
cated hardware breaks DES in a few days
Networks break DES in a few weeks
Linux FreeS/WAN Index file
The RFCs.tar.gz Distribution File
Linux FreeS/WAN configuration file
Files
Configuration files
Distribution text files
Simplifying ipsec.conf files
RTFM (please Read The Fine Manuals)
FIPS standards
The firewall ate my packets!
Firewall links
Raptor Firewall on Windows NT
Checkpoint Firewall-1
Linux firewalls
FreeBSD
Freegate
Applied FreeS/WAN
In Linux FreeS/WAN
Not (yet) in Linux FreeS/WAN
US contributions to FreeS/WAN
Web links for Linux FreeS/WAN
Export status of Linux FreeS/WAN
Add-ons and patches for FreeS/WAN
Distributions including FreeS/WAN
Press coverage of Linux FreeS/WAN:
Mailing lists related to FreeS/WAN
Other web information on FreeS/WAN
Roadmap What's Where in Linux FreeS/WAN
nd test a kernel before adding FreeS/WAN
FreeS/WAN 1.0 press
FreeS/WAN 1.1 press
Linux FreeS/WAN compatibility Guide
Linux FreeS/WAN Configuration
Linux FreeS/WAN configuration file
Variations on IPSEC Using FreeS/WAN in different ways
Linux FreeS/WAN Index file
FreeS/WAN Library
The FreeS/WAN mailing list
FreeS/WAN manual pages
Linux FreeS/WAN Overview
FreeS/WAN parts
The Linux FreeS/WAN Project
Glossary for the Linux FreeS/WAN project
Bibliography for the Linux FreeS/WAN project
Linux FreeS/WAN RFC List
Linux FreeS/WAN Setup
Documents from outside the FreeS/WAN team
Linux FreeS/WAN Troubleshooting
Things FreeS/WAN uses or could use
Frequently Asked Question (FAQ) documents
Many tunnels from a single gateway
Documents from outside the FreeS/WAN team
ng "unnecessary" encryption to frustrate attackers
F-Secure VPN for Windows
Many tunnels from a single gateway
Testing between security gateways
e tunnels between the same two gateways
General IPSEC or VPN information
General Linux sites
Getting kernel source
Other glossaries
Jump to a letter in the glossary
Glossary for the Linux FreeS/WAN project
Project goals
Test with ipsec manual before going to auto
Lists for IETF working groups
Linux FreeS/WAN compatibility Guide
Dedicated hardware breaks DES in a few days
The Authentication Header (AH)
Help spread IPSEC around
Pluto problem hints
Links to home pages
Published test results and HowTo documents
Our HTML documents
Lists for IETF working groups
ifconfig reports for KLIPS debugging
Phases of IKE
IKE (Internet Key Exchange)
Structure of IKE messages
IPSEC Implementations
Open source IPSEC implementations
Other Linux IPSEC implementations
nteroperation with other IPSEC implementations
Methods not yet implemented
Currently Implemented Methods
Implemented parts of the IPSEC Specification
Imported Libraries
Distributions including FreeS/WAN
Linux FreeS/WAN Index file
Web information
Status information
Miscellaneous Linux information
General IPSEC or VPN information
License and copyright information
Cryptography technical information
Basic and tutorial Linux information
Information available on your system
IPSEC information in languages other than English
Other information on crypto policy
Other web information on FreeS/WAN
Background information on IP
Before starting the install
Install and test a kernel before adding FreeS/WAN
Testing the installation
Installation steps
CPUs other than Intel
Other 2.0.x Intel Kernels
Intel Linux distributions other than Redhat
Particularly interesting papers
Setting up interfaces
Dynamic Network Interfaces
Swan: Securing the Internet against Wiretapping
Internet Drafts
Other sources for RFCs & Internet drafts
IKE (Internet Key Exchange)
Interoperability
Interoperability problems
Interoperability results
Interoperability test sites
Interoperation problems
Interoperation with other IPSEC implementations
Introduction
Background information on IP
Road Warrior with virtual IP address
RSA example with static IP addresses
KLIPS: kernel IP security
IP version 6 (IPng)
IP version 6 (IPng)
AES in IPSEC
The Role of IPSEC
Some uses of IPSEC
Structure of IPSEC
Advantages of IPSEC
Deployment of IPSEC
Limitations of IPSEC
Help spread IPSEC around
PGP 6.5 Mac and Windows IPSEC Client, PGPnet
IPSEC for BSD Unix
IPSEC for other systems
IPSEC Implementations
Open source IPSEC implementations
Other Linux IPSEC implementations
Interoperation with other IPSEC implementations
IPSEC in router products
IPSEC information in languages other than English
IPSEC links
Test with ipsec manual before going to auto
for secure DNS service, which IPSEC may use
IPSEC modes
General IPSEC or VPN information
IPSEC overview documents or slide sets
Multiple layers of IPSEC processing are possible
The IPSEC Protocols
Analysis and critiques of IPSEC protocols
IPSEC Services, AH and ESP
Implemented parts of the IPSEC Specification
KLIPS: Kernel IPSEC Support
Operating systems with IPSEC support
Variations on IPSEC Using FreeS/WAN in different ways
The ipsec(8) command
Simplifying ipsec.conf files
The setup section of ipsec.conf(5)
Editing connections in ipsec.conf(5)
Putting secrets in ipsec.secrets(5)
IRE Safenet/SoftPK
Jump to a letter in the glossary
Choosing a kernel
Install and test a kernel before adding FreeS/WAN
Kernel configuration
KLIPS: kernel IP security
KLIPS: Kernel IPSEC Support
Getting kernel source
Configuring the kernel yourself
2.2 and 2.3 Kernels
Other 2.0.x Intel Kernels
Kernels other than 2.0.38 and 2.2.14
Pluto key and connection management daemon
IKE (Internet Key Exchange)
Unauthenticated key exchange
Key exchange using a PKI
Key exchange using DNS
Key management
Key management
Advantages of public key methods
If a manually keyed connection works and auto doesn't
If manually keyed connections don't work
Keyed MD5 and Keyed SHA
Keyed MD5 and Keyed SHA
Manually keyed test
Manual keying
Automatic keying
Manual vs. automatic keying
Using manual keying in production
Putting public keys in DNS
Creating keys with ranbits
ifconfig reports for KLIPS debugging
KLIPS: kernel IP security
KLIPS: Kernel IPSEC Support
RFCs labelled "experimental"
IPSEC information in languages other than English
Shiva/Intel LANrover
Small packets work, but large transfers fail
40-bits is laughably weak
US Law
Surveys of crypto law
Cryptography law and policy
Cryptography Export Laws
Multiple layers of IPSEC processing are possible
Jump to a letter in the glossary
Security protocols at other levels
Libraries
Imported Libraries
FreeS/WAN Library
Library routines
License and copyright information
Limitations of IPSEC
VPN links
IPSEC links
Firewall links
Security links
Crypto and security links
Collections of crypto links
Other documents with web links
World Wide Web links for Linux
Web links for Linux FreeS/WAN
Links to home pages
SuSE Linux
Security for Linux
World Wide Web links for Linux
Other approaches to VPNs for Linux
SuSE Linux 5.3
Related Linux code
Intel Linux distributions other than Redhat
Linux Documentation Project
Linux firewalls
In Linux FreeS/WAN
Not (yet) in Linux FreeS/WAN
Web links for Linux FreeS/WAN
Export status of Linux FreeS/WAN
Press coverage of Linux FreeS/WAN:
bution Roadmap What's Where in Linux FreeS/WAN
Linux FreeS/WAN compatibility Guide
Linux FreeS/WAN Configuration
Linux FreeS/WAN configuration file
Linux FreeS/WAN Index file
Linux FreeS/WAN Overview
The Linux FreeS/WAN Project
Glossary for the Linux FreeS/WAN project
Bibliography for the Linux FreeS/WAN project
Linux FreeS/WAN RFC List
Linux FreeS/WAN Setup
Linux FreeS/WAN Troubleshooting
Miscellaneous Linux information
Basic and tutorial Linux information
Other Linux IPSEC implementations
Linux mailing lists
Yellow Dog Linux on Power PC
Vendors with Linux products
General Linux sites
Linux FreeS/WAN RFC List
The FreeS/WAN mailing list
rchives of the project mailing list
rchives of the project mailing list
Linux mailing lists
Other mailing lists
Lists for IETF working groups
Lists for related software and topics
Lists of online cryptography papers
Mailing lists related to FreeS/WAN
Logs used
PGP 6.5 Mac and Windows IPSEC Client, PGPnet
The FreeS/WAN mailing list
Archives of the project mailing list
Archives of the project mailing list
Linux mailing lists
Other mailing lists
Mailing lists related to FreeS/WAN
man pages provided
Key management
Key management
Pluto key and connection management daemon
Test with ipsec manual before going to auto
Manual keying
Using manual keying in production
FreeS/WAN manual pages
Manual vs. automatic keying
If a manually keyed connection works and auto doesn't
If manually keyed connections don't work
Manually keyed test
RTFM (please Read The Fine Manuals)
Many tunnels from a single gateway
Matching numbers
Older RFCs which may be referenced
Spooks may break DES faster yet
ecure DNS service, which IPSEC may use
Keyed MD5 and Keyed SHA
ECONNREFUSED error message
rror "no acceptable transform" message
Structure of IKE messages
onnection names in Pluto error messages
Currently Implemented Methods
Advantages of public key methods
Authentication methods for auto-keying
Methods not yet implemented
MIPS processors
Mirror Sites
Miscellaneous Linux information
Mklinux
Tunnel mode
Transport mode
IPSEC modes
Multiple layers of IPSEC processing are possible
Multiple tunnels between the same two gateways
The firewall ate my packets!
Connection names in Pluto error messages
Corel Netwinder (StrongARM CPU)
Our example network
Configuration for a testbed network
Dynamic Network Interfaces
Computer and network security
Networks break DES in a few weeks
Nortel (Bay Networks) Contivity switch
Pluto error "no acceptable transform" message
Nortel (Bay Networks) Contivity switch
DES is Not Secure
Methods not yet implemented
Not (yet) in Linux FreeS/WAN
Raptor Firewall on Windows NT
Matching numbers
Sequence numbers
Older RFCs which may be referenced
Lists of online cryptography papers
Open source IPSEC implementations
OpenBSD
Operating systems with IPSEC support
Organisations opposing crypto restrictions
Organisations opposing crypto restrictions
Other 2.0.x Intel Kernels
Other approaches to VPNs for Linux
Other documents with web links
Other glossaries
Other information on crypto policy
Interoperation with other IPSEC implementations
Security protocols at other levels
Other Linux IPSEC implementations
Other mailing lists
RFCs and other reference documents
Other sources for RFCs & Internet drafts
IPSEC for other systems
Kernels other than 2.0.38 and 2.2.14
IPSEC information in languages other than English
CPUs other than Intel
Intel Linux distributions other than Redhat
Other web information on FreeS/WAN
Our example network
Our HTML documents
Documents from outside the FreeS/WAN team
Linux FreeS/WAN Overview
IPSEC overview documents or slide sets
Overview RFCs
Dropped packets
The firewall ate my packets!
Small packets work, but large transfers fail
Links to home pages
FreeS/WAN manual pages
man pages provided
Particularly interesting papers
Lists of online cryptography papers
Particularly interesting papers
FreeS/WAN parts
Implemented parts of the IPSEC Specification
Add-ons and patches for FreeS/WAN
Encapsulated Security Payload (ESP)
Yellow Dog Linux on Power PC
PGP 6.5 Mac and Windows IPSEC Client, PGPnet
Mac and Windows IPSEC Client, PGPnet
Phases of IKE
Photuris
Key exchange using a PKI
RTFM (please Read The Fine Manuals)
The Pluto daemon
Connection names in Pluto error messages
Pluto error "no acceptable transform" message
Pluto key and connection management daemon
Pluto problem hints
Xedia Access Point/QVPN
Cryptography law and policy
Other information on crypto policy
layers of IPSEC processing are possible
Yellow Dog Linux on Power PC
FreeS/WAN 1.0 press
FreeS/WAN 1.1 press
Press coverage of Linux FreeS/WAN:
Press release for version 1.0
Primary site
Printed documentation
Pluto problem hints
Problem Reporting
Interoperation problems
Interoperability problems
Multiple layers of IPSEC processing are possible
MIPS processors
Sun SPARC processors
Alpha 64-bit processors
Using manual keying in production
Using shared secrets in production
IPSEC in router products
Vendors with Linux products
Linux Documentation Project
The Linux FreeS/WAN Project
graphy for the Linux FreeS/WAN project
ossary for the Linux FreeS/WAN project
Project goals
Archives of the project mailing list
Archives of the project mailing list
Related projects
Basic protocols
The IPSEC Protocols
nalysis and critiques of IPSEC protocols
Security protocols at other levels
Services provided
man pages provided
Advantages of public key methods
Putting public keys in DNS
Published test results and HowTo documents
Putting public keys in DNS
Putting secrets in ipsec.secrets(5)
Frequently Asked Question (FAQ) documents
Creating keys with ranbits
Raptor Firewall on Windows NT
RTFM (please Read The Fine Manuals)
Linux distributions other than Redhat
RFCs and other reference documents
Older RFCs which may be referenced
Web References
Related Linux code
Related projects
Related RFCs
Lists for related software and topics
Mailing lists related to FreeS/WAN
Press release for version 1.0
Problem Reporting
ifconfig reports for KLIPS debugging
Crypto and security resources
Organisations opposing crypto restrictions
What's wrong with restrictions on cryptography
Interoperability results
Published test results and HowTo documents
Linux FreeS/WAN RFC List
RFCs
Related RFCs
Overview RFCs
Other sources for RFCs & Internet drafts
RFCs and other reference documents
RFCs for secure DNS service, which IPSEC may use
RFCs labelled "experimental"
Older RFCs which may be referenced
What's in the RFCs.tar.gz bundle?
The RFCs.tar.gz Distribution File
Road Warrior end
Road Warrior example
Road Warrior support
Road Warrior with virtual IP address
RSA for road warriors
Distribution Roadmap What's Where in Linux FreeS/WAN
The Role of IPSEC
IPSEC in router products
Cisco Routers
Library routines
Advanced routing
RSA example with static IP addresses
RSA for road warriors
RSA signature examples
Using RSA signatures for authentication
RTFM (please Read The Fine Manuals)
IRE Safenet/SoftPK
Multiple tunnels between the same two gateways
Putting secrets in ipsec.secrets(5)
Using shared secrets in production
The setup section of ipsec.conf(5)
Sections of this document
DES is Not Secure
RFCs for secure DNS service, which IPSEC may use
Setting up a secure tunnel to create a VPN
Swan: Securing the Internet against Wiretapping
KLIPS: kernel IP security
Computer and network security
Security for Linux
Testing between security gateways
Security links
Crypto and security links
Encapsulated Security Payload (ESP)
Security protocols at other levels
Crypto and security resources
Crypto and security standards
Security tools
Sequence numbers
Server end
RFCs for secure DNS service, which IPSEC may use
IPSEC Services, AH and ESP
Services provided
EC overview documents or slide sets
Setting up a secure tunnel to create a VPN
Setting up connections at boot time
Setting up interfaces
Setting up various types of connection
Linux FreeS/WAN Setup
The setup section of ipsec.conf(5)
Keyed MD5 and Keyed SHA
Using shared secrets in production
Shiva/Intel LANrover
RSA signature examples
Using RSA signatures for authentication
The simplest way
Simplifying ipsec.conf files
Many tunnels from a single gateway
Primary site
Mirror Sites
Distribution sites
General Linux sites
Interoperability test sites
SKIP
Slackware
IPSEC overview documents or slide sets
Small packets work, but large transfers fail
Building the software
Lists for related software and topics
Sun Solaris
Getting kernel source
Open source IPSEC implementations
Other sources for RFCs & Internet drafts
Sun SPARC processors
Implemented parts of the IPSEC Specification
Spooks may break DES faster yet
Help spread IPSEC around
FIPS standards
Crypto and security standards
Before starting the install
RSA example with static IP addresses
Current status
Status information
Export status of Linux FreeS/WAN
Doing it step-by-step
Installation steps
Corel Netwinder (StrongARM CPU)
Structure of IKE messages
Structure of IPSEC
Extruded Subnets
Subsystems
Sun Solaris
Sun SPARC processors
Road Warrior support
KLIPS: Kernel IPSEC Support
Operating systems with IPSEC support
Surveys of crypto law
SuSE 6.3 and 6.4
SuSE Linux
SuSE Linux 5.3
Swan: Securing the Internet against Wiretapping
ortel (Bay Networks) Contivity switch
Information available on your system
IPSEC for other systems
Systems that want to use DES
Operating systems with IPSEC support
Testing with tcpdump
nts from outside the FreeS/WAN team
Cryptography technical information
Manually keyed test
Install and test a kernel before adding FreeS/WAN
Published test results and HowTo documents
Interoperability test sites
Test with ipsec manual before going to auto
Configuration for a testbed network
Testing Automatic connections
Testing between security gateways
Testing the installation
Testing with tcpdump
Distribution text files
Things FreeS/WAN uses or could use
Details of various things used
Boot Time
Change Time
Setting up connections at boot time
Timestep
Security tools
Top directory
Lists for related software and topics
Small packets work, but large transfers fail
Pluto error "no acceptable transform" message
Transport mode
Linux FreeS/WAN Troubleshooting
Tunnel mode
Setting up a secure tunnel to create a VPN
Unencrypted tunnels
Multiple tunnels between the same two gateways
Many tunnels from a single gateway
Basic and tutorial Linux information
Tutorials
tiple tunnels between the same two gateways
Choosing your connection types
Types of connection
Types of connection
Setting up various types of connection
Unauthenticated key exchange
Unencrypted tunnels
IPSEC for BSD Unix
Using "unnecessary" encryption to frustrate attackers
Setting up a secure tunnel to create a VPN
Setting up connections at boot time
Setting up interfaces
Setting up various types of connection
US contributions to FreeS/WAN
US Law
e DNS service, which IPSEC may use
Things FreeS/WAN uses or could use
Systems that want to use DES
Logs used
Details of various things used
Some uses of IPSEC
Things FreeS/WAN uses or could use
Key exchange using a PKI
Using authentication without encryption
Key exchange using DNS
Variations on IPSEC Using FreeS/WAN in different ways
Using manual keying in production
Using RSA signatures for authentication
Using shared secrets in production
Using "unnecessary" encryption to frustrate attackers
Utils
Variations on IPSEC Using FreeS/WAN in different ways
Details of various things used
Setting up various types of connection
Vendors with Linux products
Press release for version 1.0
IP version 6 (IPng)
Road Warrior with virtual IP address
up a secure tunnel to create a VPN
F-Secure VPN for Windows
General IPSEC or VPN information
VPN links
Other approaches to VPNs for Linux
Manual vs. automatic keying
Systems that want to use DES
Road Warrior end
Road Warrior example
Road Warrior support
Road Warrior with virtual IP address
RSA for road warriors
The Wassenaar Arrangement
The simplest way
C Using FreeS/WAN in different ways
We disable DES
40-bits is laughably weak
Web information
Other web information on FreeS/WAN
Other documents with web links
World Wide Web links for Linux
Web links for Linux FreeS/WAN
Web References
Networks break DES in a few weeks
What You Can Do
What's in the RFCs.tar.gz bundle?
Distribution Roadmap What's Where in Linux FreeS/WAN
What's wrong with restrictions on cryptography
Distribution Roadmap What's Where in Linux FreeS/WAN
Which is which?
RFCs for secure DNS service, which IPSEC may use
Which is which?
Older RFCs which may be referenced
Why?
World Wide Web links for Linux
F-Secure VPN for Windows
Windows 2000
PGP 6.5 Mac and Windows IPSEC Client, PGPnet
Raptor Firewall on Windows NT
Securing the Internet against Wiretapping
Encryption without authentication is dangerous
Using authentication without encryption
nually keyed connections don't work
Small packets work, but large transfers fail
Lists for IETF working groups
If a manually keyed connection works and auto doesn't
World Wide Web links for Linux
What's wrong with restrictions on cryptography
Xedia Access Point/QVPN
Yellow Dog Linux on Power PC
Spooks may break DES faster yet
Methods not yet implemented
Not (yet) in Linux FreeS/WAN
What You Can Do
Choosing your connection types
Information available on your system
Configuring the kernel yourself