[vpn] FW: IPSEc and IKE documentation ?
Karl-Michael Werzowa
mikey at werzowa.at
Tue Jan 22 10:13:55 EST 2002
Hello, Alan!
Your problems are quite understandable;
ipsec seems to be overcomplicated (a typical committee-work, as
Bruce Schneider stated ;-)
What I found quite helpful is:
(from very simple (1), management overview to deep into tech
details(10))
http://www.cisco.com/warp/public/cc/so/neso/sqso/eqso/ipsec_wp.htm (1)
http://www.freeswan.org/freeswan_trees/freeswan-1.91/doc/toc.html
(3 to 9)
though based only on FreeS/WAN, very extensive, lots of
great links.
http://www.vpnc.org/white-papers.html (1 to 7, depending on links
you follow)
http://www.ietf.org/html.charters/ipsec-charter.html (3-10) (you
may know this...)
To your amusement and for anyone who thinks RFCs are holy texts:
http://www.counterpane.com/ipsec.html (VERY informative! though it
does not really help you in configuring IPSec) (2-10)
Books:
William Stallings, Crytography and Network Security, 2nd Ed
Prentice Hall, pgs.399-432, (3 - 8)
Manfred Lipp, VPN - Virtuelle Private Netzwerke, Addison-Wesley
(3 - 9) --- this book is great, but in German. If you want, I could
send you scans of the really informative Illustrations...
(...think that I got quite a lot of books on this theme, but the
others I would not even mention --- though the CISCO-literature
helps a lot, if you use CISCO-equipment --- e.g. "CISCO IOS 12.0
Network Security")
Best regards,
Michael Werzowa
Am Dienstag den, 22. Januar 2002, um 10:42, schrieb Trevillion, Alan:
I have tried reading the RFC's but the explanation seemed to skip
what was
actually happening when 2 IPSec devices try to setup an IKE and
IPSec SA. I
just wondered if there were any diagrams that showed process flows. The
RFC's I found seem to overcomplicate and just refer to other legal
documentation. As you can guess this subject is relatively new to me.
Alan
......<clipped>........
**************************************************************************
Karl-Michael Werzowa
A-1190 Wien, Paradisgasse 28/4/6
+43 (664)302 4511, fax +43 (1)328 1992 14
mikey at werzowa.at, michael.werzowa at bmi.gv.at
**************************************************************************
VPN is sponsored by SecurityFocus.com
More information about the VPN
mailing list