[vpn] FreeS/WAN-Cisco IOS AH tunnel

Watson, Travis Travis.Watson at Honeywell.com
Wed Jun 26 16:40:03 EDT 2002


Ahmed,

As a work-around, you are probably better off just running ESP-null encryption.  AH-only is a bit of a screwey add-on to
IPSec (as an editorial).  ESP-null works fine and, of course, doesn't encrypt traffic while authenticating the distant
end--assuming that is your end goal.

--Travis

-----Original Message-----
From: Ahmed Benallegue [mailto:syu at ecmwf.int]
Sent: Wednesday, June 26, 2002 3:05 AM
Cc: vpn at securityfocus.com
Subject: [vpn] FreeS/WAN-Cisco IOS AH tunnel


Hi,

I had no problem to establish an ESP-3DES + ESP-MD5 tunnel between Linux
Box running FreeS/WAN v1.96 and a Cisco router running IOS v.12.1(7a)E6.
I am trying now to configure and establish an AH (either AH-SHA or
AH-D5) but I am experiencing some FreeS/WAN configuration issue: the
parameter "ah=" is not understood in the ipsec.conf file.

So, did anybody experiece this before, and is there any solution?

Thanx.

Ahmed 
-- 
+-------------------+--------------------------------+
| Ahmed Benallegue  | Network Analyst                |
| ECMWF             | e-mail: a.benallegue at ecmwf.int |
| United Kingdom    |                                |
+-------------------+--------------------------------+

VPN is sponsored by SecurityFocus.com

VPN is sponsored by SecurityFocus.com





More information about the VPN mailing list