Page MenuHomeDevCentral
Create Task
Maniphest T2202

Pick solution for IPsec
Closed, ResolvedPublic
Actions

Description

  1. racoon2
  2. libreswan
  3. strongswan

Note : racoon2 package is deprecated, no update since 2020

Documenation related : https://agora.nasqueron.org/IPsec

Event Timeline

Duranzed created this task.Thu, Feb 5, 15:51
Herald added a subscriber: dereckson. · View Herald TranscriptThu, Feb 5, 15:51
Duranzed updated the task description. (Show Details)Thu, Feb 5, 15:52
Duranzed added a project: Secure HA tunnels.
Duranzed updated the task description. (Show Details)Fri, Feb 6, 08:13
Duranzed added a subscriber: yousra.
Duranzed renamed this task from Pick solution for tunnel to Pick solution for IPSEC.Fri, Feb 6, 11:15
Duranzed renamed this task from Pick solution for IPSEC to Pick solution for IPsec.
Duranzed updated the task description. (Show Details)Mon, Feb 9, 13:33
Duranzed updated the task description. (Show Details)Mon, Feb 9, 17:12
dereckson added a project: Product evaluation.Wed, Feb 11, 19:35
dereckson moved this task from Backlog to Current focus on the Product evaluation board.
dereckson added a comment.Wed, Feb 11, 19:40

The on-wiki page doesn't currently give a clear overview of what it would be like to run against each solution.

There is already one thing clearly documented: the fact racoon2 isn't maintained anymore. That's good.

Now let's improve it with other useful information.

First, we need to know what to add, how to write that kind of document. Here, a LLM could help a little bit with those questions:
https://chatgpt.com/share/698cd9f3-a52c-8005-ae16-a9c12881a72a

We already know some of them, but they are still good to answer. For example, we know HA will be achieved with CARP.

So would be really nice to dig more on that.

dereckson assigned this task to Duranzed.Wed, Feb 11, 19:40
dereckson triaged this task as Normal priority.
dereckson added a project: documentation.
dereckson moved this task from Backlog to Doc to write on the documentation board.
dereckson moved this task from Backlog to Working on on the Secure HA tunnels board.
yousra moved this task from Working on to Documentation on the Secure HA tunnels board.Thu, Feb 12, 10:22
yousra updated the task description. (Show Details)Thu, Feb 12, 10:25
Duranzed updated the task description. (Show Details)Wed, Feb 18, 08:58
Duranzed added a comment.Wed, Feb 18, 12:46

We chose to go with strongswan as it is native to FreeBSD and the most complete solution in terms of supported protocols. Strongswan has already been installed and tested on router-002 and router-003.

Duranzed closed this task as Resolved.Wed, Feb 18, 12:46
Duranzed updated the task description. (Show Details)
yousra moved this task from Documentation to Done on the Secure HA tunnels board.Wed, Feb 18, 20:25
Duranzed added a project: User-Duranzed.Fri, Feb 20, 13:48
Duranzed moved this task from Backlog to Finished on the User-Duranzed board.Fri, Feb 20, 13:51
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator