[Vpn-devel] various bugs and fixes
Matthew Grooms
mgrooms at shrew.net
Wed Oct 10 00:05:15 CDT 2007
Nicolas Deschildre wrote:
>
> Yes! Could you give me some background on the differents VPN client
> capabilities, and what the shrew soft VPN client can/can't do? For
> example, I have understood that the vpnc client is only for cisco
> ipsec servers, not others...
>
The Shrew Soft VPN client is an advanced cross platform IPsec VPN client
for FreeBSD, NetBSD, Linux and Windows 2000/XP. It includes an Internet
Key Exchange daemon, pfkey library and Qt based client applications to
manage the connections. On unix targets, the client is 100% open source
and uses the existing kernel IPsec functionality ( unlike vpnc ). On
windows, client uses some proprietary kernel modules and IPsec protocol
processing code that is not open source but is still free for both
commercial and personal use.
The IKE daemon can be used to provide client connectivity or can be run
as a stand-alone component on a VPN Gateway to service client
connectivity. The GUI client tools offer a powerful interface that can
be used to configure all aspects of a remote Site Configuration. To
initiate a connection, you just hilight the Site and click the connect
button. The daemon supports lots of features such as using Virtual
private adapters, Dead Peer Detection, NAT-T, IKE Fragmentation, RSA or
Preshared Key peer authentication, optional Xauth or Hybrid user
authentication, Mode config ( ike-cfg ) for automatic client
configuration, advanced policy generation and much more.
Although the software was originally created to inter-operate with the
ipsec-tools racoon ike daemon, it has been reported to work with many
commercial VPN gateways such as Cisco, Lancom, Zywall, Linksys as well
as other open source Key daemons such as Strong/Free SWAN and OpenBSD
isakmpd.
For a complete list of features for the VPN Client 2.0.1 release, please
take a look at the online documentation available here ...
http://www.shrew.net/vpn/help-2.0.1/vpnhelp.htm
The next version 2.1.0 ( not yet released ) will further improve
interoperability by supporting the IPsec over DHCP for gateways such as
Fortigate and expand platform support to Windows Vista and possibly Mac
OSX. For development status and roadmap, please take a look at the
following document ...
http://www.shrew.net/vpn/todo.php
Thanks again and please let me know if there is anything else I can do
to help :)
-Matthew
More information about the vpn-devel
mailing list