2015-04-14 22:05 GMT+03:00 Florin Andrei <florin@xxxxxxxxxxxxxxx>:
> On 2015-04-14 11:44, Eero Volotinen wrote:
>
>> 2015-04-14 21:40 GMT+03:00 Florin Andrei <florin@xxxxxxxxxxxxxxx>:
>>
>>>
>>> http://serverfault.com/a/655752/24406
>>>
>>> If that is accurate, the documentation, and the clustering / load
>>> balancing might tilt the balance in the direction of strongSwan.
>>>
>>>
>>> Well, both packages can do ipsec to cisco asa without any problems.
>>
>
> I have this one case where the other end of the connection wants to use
> some specific encryption parameters (specific versions of AES and SHA). I
> need to make sure that whatever software I use, is capable of providing
> that. Better documentation will certainly help.
>
> And of course, a more actively supported project, with a good security
> track record, is very important.
>
> All these are factors in choosing between Openswan / Libreswan /
> strongSwan.
>
Well, you can use any of these software for such basic tasks. I also think
that they are almost compatible with
configuration files, so you can later change package, if any problems
occurs.
I think best choice is software that comes with Centos.
I currently use openswan (epel?) Centos and Amazon Linux to connect with
checkpoint and cisco asa ipsec hardware devices.
--
Eero
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
