General discussion

Locked

CIPE vs IPSec

By Andy Bettoni ·
I have a VPN on 4 firewall based on Linux RedHat7.1 (kernel 2.2.x) and Cipe (ipchains) to connect 4 network. Someone told me that I have to upgrade OS to Linux RH7.3 (kernel 2.4.x) and upgrade the VPN to Netfilter-Iptables to upgrade to the standardIPSec. I tried to find something to clear my ideas, but I haven't found nothing that explain a clear match of both technologies.
Any suggestion? I will upgrade my systems only if there is the real need to do.
Thank You.
Andy

This conversation is currently closed to new comments.

3 total posts (Page 1 of 1)  
Thread display: Collapse - | Expand +

All Comments

Collapse -

CIPE vs IPSec

by paulo.sedrez In reply to CIPE vs IPSec

First of all, the technologies are not necessarelly linked to each other. Cipe is not linked to ipchains, nor IPSec to iptables. In fact, I have one client using IPSec with ipchains, with no problem at all.

Netfilter (iptables) is the new firewall technology included with the kernel 2.4; it comes as an ALTERNATIVE to ipchains - which is kernel 2.4, also. Netfilter has the main, HUGE advantage of being a statefull firewall, so the sistem can be lock down easyly and efficiently.

CIPE and IPSec are both technologies of IP Encapsulation with Cryptografy. They use different methods, protocols and algorithms, but are basically the same structure. CIPE has the advantage it can be used behind masquerading firewalls; IPSec does authenticationon all levels of the protocols, so it can do the same (due the change on the IP address); on the other side, it is by far the most secure and standardized.

If you want to use IPSec instead of CIPE, you can add Free S/WAN to kernel 2.2, and continue using your current installation - including ipchains. Actually, and please note that I'm not sure about this, I thing you may be able to use BOTH, CIPE and IPSec, simultaneously.

--Sedrez

BTW, RH 7.1 comes with kernel 2.4.2, RH 7.0 comes with kernel 2.2.16. Are you sure about the versions?

Collapse -

CIPE vs IPSec

by Andy Bettoni In reply to CIPE vs IPSec

Poster rated this answer

Collapse -

CIPE vs IPSec

by Andy Bettoni In reply to CIPE vs IPSec

This question was closed by the author

Back to Linux Forum
3 total posts (Page 1 of 1)  

Related Discussions

Related Forums