advise me on the easiest way to do this? Should I
continue using OpenSwan? Is there a good HOWTO for this, or will I
be the guy that writes it? (Assume I know everything on
I think you might be the guy that writes it as the official Wiki for
Linux networking (http://linux-net.osdl.org
) is pretty bad on
security right now!
That site is probably a bit low-level; http://www.ipsec-howto.org/
missing useful information.
suggestions? Michal, are you still around, and is this right in
your area of expertise? :)
One thing I do suspect you will need is a very recent kernel as
things necessary for this such as connection tracking only really got
much attention in 2.6.17. Apart from that I can't offer much help.
If I was going to use a kernel that recent I'd just patch klips in. :)
As it is the end point, I shouldn't need to use connection tracking. Will
see though. Thanks for the headsup.