OpenVPN vs IPSec
Victor Sudakov
vas at mpeks.tomsk.su
Sun Nov 19 15:16:25 UTC 2017
Eugene Grosbein wrote:
>
> >> https://tools.ietf.org/html/rfc2409
> >> https://tools.ietf.org/html/rfc7296
> >
> > I don't doubt there being RFCs, but there are also some incompatible
> > vendor extensions. E.g. racoon announces Kerberos authentication
> > support (which is presently broken) etc.
>
> racoon does not announce Kerberos authentication support in my case.
> May be due to the fact I build security/ipsec-tools port with disabled option
> for GSSAPI Security API support.
So do I now, but when I tried to enable the option (because I grew
tired of shared secrets), it turned out broken.
Anyway, it is just an example of a non-standard extension.
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
AS43859
More information about the freebsd-net
mailing list