Re: IPSec

From: Cy Schubert - ITSD Open Systems Group (
Date: 12/13/01

From: Cy Schubert - ITSD Open Systems Group <>
To: "Ivanov, Vladimir" <>
Date: Wed, 12 Dec 2001 20:32:15 -0800

In message <>, "Ivanov,
 Vladimir" writes:
> > Does anyone knows if it is possible to take IPSec parts from
> > Solaris 8 a and
> > put those to Solaris 7 ?
> > Or is there any other "product" that could do this ?
> > I need to secure connection between two machines.
> PPP-over-SSH? Or just SSH?

PPP over SSH isn't a good performer. If retransmits are required, you
could be retransmitting packets that are part of the SSH TCP session AND
retransmitting packets within the PPP session.

You're better off using a VPN solution that uses either IPSec or some
proprietary protocol that uses UDP.

If the protocol you're trying to secure uses TCP, then simply tunnel it
through SSH.

> > I am not looking for VPN solution.
> Then, you don't need IPSec, do you? :)

Regards, Phone: (250)387-8437
Cy Schubert Fax: (250)387-5766
Team Leader, Sun/Alpha Team Email:
Open Systems Group, ITSD
Ministry of Management Services
Province of BC
                    FreeBSD UNIX: