Re: IPSec in Fedora Linux vs Cisco IOS ?

From: Clayton Weaver (cgweav_at_aol.com)
Date: 10/25/04

Next message: Santa: "Re: How can I drop "Source Quench, Redirect, Time stamp and Time stamp reply" ICMP packets"

Previous message: snowolf: "VPN to access Lucent"
In reply to: Kimmo Koivisto: "Re: IPSec in Fedora Linux vs Cisco IOS ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 25 Oct 2004 09:35:20 GMT

You can do a lot of routing/filtering/port_forwarding
of what hits the endpoints of the tunnels
with the kernel's advanced routing
options, the iproute tools, and netfilter/iptables.

Perhaps combining these other tools
with basic ipsec tunnels will get you
the fine-grained control that you
describe for the Cisco vpn router.
(iptables alone might be enough,
ie "pass|forward|roundfile", depending
on what kind of routing you need.)

Regards,

Clayton Weaver
<mailto: cgweav@aol.com>

"Everyone is ignorant, just about different things." Will Rogers

Next message: Santa: "Re: How can I drop "Source Quench, Redirect, Time stamp and Time stamp reply" ICMP packets"

Previous message: snowolf: "VPN to access Lucent"
In reply to: Kimmo Koivisto: "Re: IPSec in Fedora Linux vs Cisco IOS ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]