Since I’m not a big fan of OpenVPN, it would be nice if you added support for IPSec lan-to-lan. Instead of just supporting OpenVPN.
It would enable me to connect to other IPsec devices, such as Cisco PIX etc..
Since you already support IPSec + x.509 for “road warriors”, it should be pretty trivial to implement.
Hope you have time for it.
Thank you for a good firewall distribution.
Sorry, but I have changed my mind about the possibility to implement site to site VPN by using IPSec. I do not like IPSec very much. I prefer OpenVPN because it has the VLAN 802.1q support and is easier to use.
while I can definitely understand that the more elegant solution just is way more interesting, it’s still an interoperability issue connecting a zeroshell driven device to some “standard” net devices, that only know ipsec. I got it running in a laboratory test, but having it integrated in zeroshell would be nice (i.e., my solution is not reboot safe 🙂
You are right. The interoperability with other devices is the main reason I could implement site to site Virtual Private Network with IPSec.
In any case, I won’t be able to allow it the next release.
Please post your solution because it could help me in the future.