[转载] need help on IPsec - 未名空间MITBBS历史存档

国际科技财经博客移民网络热点娱乐民生时事公众号

Redian新闻

>未名空间

>Security - 系统安全

[转载] need help on IPsec

[转载] need help on IPsec# Security - 系统安全

s*r2003-02-20 08:02

1 楼

【以下文字转载自 Unix 讨论区,原文如下】
发信人: screwdriver (screwdriver), 信区: Unix
标题: need help on IPsec
发信站: The unknown SPACE (Thu Feb 20 10:55:45 2003) WWW-POST
have a proj need to use IPsec to do Host to Host communication across the
firewall. I know this is similar to SSH, which I have a little experience,
other than that, I have no clue about, for example, how to set it up on the
two unix boxes.
UNIX A: on company intranet behind the firewall
UNIX B: in DMZ
what are the steps to make them talk through

p*s2003-02-20 08:02

2 楼

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Actually they are not similar except using some similar cryptographic
algorithms.
IPsec is at network layer and you need to mangle with kernels.
SSH is at application layer and there is not much system-related issues.
IPsec has a built-in filter and network address translation modules,
you don't need another firewall if you have an IPsec implementation
installed on your host.
You may try FreeS/WAN on two Linux boxes. The documention has
a tutorial you

【在 s*********r 的大作中提到】

: 【以下文字转载自 Unix 讨论区,原文如下】
: 发信人: screwdriver (screwdriver), 信区: Unix
: 标题: need help on IPsec
: 发信站: The unknown SPACE (Thu Feb 20 10:55:45 2003) WWW-POST
: have a proj need to use IPsec to do Host to Host communication across the
: firewall. I know this is similar to SSH, which I have a little experience,
: other than that, I have no clue about, for example, how to set it up on the
: two unix boxes.
: UNIX A: on company intranet behind the firewall
: UNIX B: in DMZ