Esteban Lopez
2013-07-10 00:42:04 UTC
I sent a mail to Michael Richardson and I want to share this with all of you.
My mail start with > and Michael's answer without it.
GKMP is about keying multicast packets.
GET-VPN/Group-VPN, as far as I know, is about (auto-)building meshes, and the
IPsecME WG'shttp://datatracker.ietf.org/wg/ipsecme/
http://datatracker.ietf.org/doc/draft-ietf-ipsecme-ad-vpn-problem/
is about standardizing something similar.
2) write test cases first.
3) get on the list and post often.
My mail start with > and Michael's answer without it.
Sorry for contact you directly but I can't find the way to add a new
entry to the General discussion forum. (I was looking inredmine <http://www.redmine.org/projects/redmine/boards> forum)
well, you would subscribe to it, using the web or mail interface.entry to the General discussion forum. (I was looking inredmine <http://www.redmine.org/projects/redmine/boards> forum)
I wonder if there is some implementation of GDOI protocol RFC 3547 with
Openswan or Pluto or Linux in order to get VPNs with Group Domain of
Interpretation
GKMP is not implemented.Openswan or Pluto or Linux in order to get VPNs with Group Domain of
Interpretation
We want to configure a phase 1 with preshare key and a phase 2 with
GDIO in order to get the key from a Central Key server. The same
concept than CISCO's GET-VPN or Juniper's Group VPN.
I don't think that this is the same thing.GDIO in order to get the key from a Central Key server. The same
concept than CISCO's GET-VPN or Juniper's Group VPN.
GKMP is about keying multicast packets.
GET-VPN/Group-VPN, as far as I know, is about (auto-)building meshes, and the
IPsecME WG'shttp://datatracker.ietf.org/wg/ipsecme/
http://datatracker.ietf.org/doc/draft-ietf-ipsecme-ad-vpn-problem/
is about standardizing something similar.
Could you tell me if that is possible? or Is There some reason to
Openswan did not have this implemented?
nobody who had money and/or time wanted to implement it.Openswan did not have this implemented?
If it is not implemented for time reasons, we can do it and in this
case we want to know if you have some advices about the best way to do
it or maybe the best Openswan's developer to ask advice before start.
1) get the test bench workingcase we want to know if you have some advices about the best way to do
it or maybe the best Openswan's developer to ask advice before start.
2) write test cases first.
3) get on the list and post often.