FreeS/WAN VPN | Road Warrior | OE | ||||
PSK | RSA Secret | X.509
(requires patch) | Manual
Keying | |||
More Compatible | ||||||
isakmpd (OpenBSD) | Yes | Yes | Yes | No | ||
Kame (FreeBSD, NetBSD) | Yes | Yes | Yes | No | ||
McAfee VPN
was PGPNet | Yes | Yes | Yes | Yes | No | |
Microsoft
Windows 2000/XP | Yes | Yes |
with FreeS/WAN
as Warrior | No | ||
Safenet SoftPK
/SoftRemote | Yes | Yes | Yes | No | ||
SSH Sentinel | Yes | Yes | Yes | No | ||
Other | ||||||
AshleyLaurent
VPCom | Yes | No | ||||
Borderware | Yes | No | No | |||
Checkpoint FW-1 | Yes | No | ||||
Checkpoint VPN1 | Yes/Partial | No | ||||
Cisco with 3DES | Yes | Maybe | No | |||
F-Secure | Yes | No | ||||
Gauntlet GVPN | Yes | No | ||||
IBM AS/400 | Yes | No | ||||
Lucent | Yes | No | ||||
Netscreen 5xp | Yes | No | ||||
Nortel Conitivity | Partial | No | ||||
RadGuard | Yes | No | ||||
Raptor (NT) | Yes | Yes | No | |||
Raptor (Solaris) | Yes | No | ||||
Redcreek Ravlin | Yes/Partial | No | ||||
Shiva
LANRover | Yes | No | ||||
Sun Solaris | Yes | No | ||||
SonicWall | Yes | No | ||||
Timestep | Yes | No | ||||
Watchguard
Firebox | Yes | Yes | No | |||
Xedia Access Point
/QVPN | Yes | No | ||||
PSK | RSA Secret | X.509
(requires patch) | Manual
Keying | |||
FreeS/WAN VPN | Road Warrior | OE |
Our information comes primarily from mailing list reports and tutorials.
The FreeS/WAN project needs you! We rely on the user community to keep up to date. Mail users@lists.freeswan.org with your interop success stories.
Yes | People report that this works for them. |
[Blank] | We don't know. |
No | We have reason to believe it was, at some point, not possible to get this to work. |
Partial | Partial success. For example, a connection can be created from one end only. |
Yes/Partial | Mixed reports. |
Maybe | We think the answer is "yes", but need confirmation. |
OpenBSD FAQ: Using
IPsec
Hans-Joerg Hoexer's interop Linux-OpenBSD (PSK)
Skyper's configuration
(PSK)
Kame homepage, with FAQ
NetBSD's IPSec FAQ
Itojun's Kame-FreeS/WAN interop tips (PSK)
Ghislaine
Labouret's French page with links to matching FreeS/WAN and Kame
configs (RSA)
Ghislaine's post explaining some peculiarities
Frodo's Kame-FreeS/WAN interop (X.509)
Using Kame as a WAVEsec client
Rekeying problem with FreeS/WAN and older PGPNets
DHCP over IPSEC HOWTO for FreeS/WAN (requires X.509 and dhcprelay patches)
Jean-Francois
Nadeau's Net-net Configuration (PSK)
Telenor's
Node-node Config (Transport-mode PSK)
Marcus Mueller's HOWTO using his
VPN config tool (X.509). Tool also works with PSK.
Nate Carlson's HOWTO using same tool (Road Warrior with X.509).
Unusually, FreeS/WAN is the Road Warrior here.
Oscar Delgado's PDF (X.509, no configs)
Microsoft's Win2k IPsec debugging tips
MS VPN may fall back to 1DES
Whit Blauvelt's SoftRemote tips
Jean-Francois
Nadeau's Practical Configuration (Road Warrior with PSK)
Terradon Communications' PDF (Road Warrior with PSK)
Red Baron Consulting's PDF (Road Warrior with X.509)
SSH's
Sentinel-FreeSWAN interop PDF (X.509)
Potential problem unless using Legacy Proposal option
Successful interop report, no details
Philip Reetz' configs (PSK)
Borderware server does not support FreeS/WAN road warriors
Older Borderware may not support Diffie Hellman groups 2, 5
Text goes here.
Text goes here.
Text goes here.
Text goes here.
Richard Welty's tips and tricks
Text goes here.
Text goes here.
Text goes here.
Text goes here.
Text goes here.
Text goes here.
Text goes here.
Text goes here.
Text goes here.
Text goes here.
WatchGuard's HOWTO (PSK)
Ronald C. Riviera's Settings (PSK)
Old known issue with auto keying
Tips on key generation and format (Manual)
Hybrid IPsec/L2TP connection settings (X.509)
Xedia's LAN-LAN links don't use multiple tunnels
That explanation, continued