[Xorp-users] Firewall support and OpenSwan interoperability with XORP
Patricio Latini
p_latini at hotmail.com
Tue Dec 20 05:41:57 PST 2011
I have xorp running in the same machine than openswan as L2TP/IPSEC tunnel
terminator without any issues.
Patricio
From: xorp-users-bounces at xorp.org [mailto:xorp-users-bounces at xorp.org] On
Behalf Of Amir Naftali
Sent: Monday, December 19, 2011 10:38 AM
To: xorp-users at xorp.org
Subject: [Xorp-users] Firewall support and OpenSwan interoperability with
XORP
Hi,
I'm a newbe to XORP (just started few days ago), I have compiled and run it
on Fedora 16 (latest) and it looks good
(followed instructions and everything went very smooth, the required
ip_table.h changes were a bit different than stated
in the bug since the .h file has changed a bit but it was a no brainer to
adopt)
I have few questions around the netfilter support and interoperability with
IPSec implementations...
- is there a way to sync configuration with the existing state of the
machine (so for example i load xorp_rtrmgr with empty
config file and sync it with the current interface configuration, routing
data and firewall policies)?
- Is there support for statefull inspection in the configuration and
policies? if not is there any plans for supporting it?
- Is there support for more granular icmp/igmp firewall policies (i have
seen any from the CLI)? if not than same questions as above?
- Has anyone tried to see if openswan (or any other ipsec/ike
implementation) works well with XORP(on the same machine)? any known issues?
Amir
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/xorp-users/attachments/20111220/43636183/attachment.html
More information about the Xorp-users
mailing list