Notices
Reply
Thread Tools
Gourmet is offline Gourmet
2006-03-13 , 08:39
Posts: 50 | Thanked: 2 times | Joined on Jan 2006 @ Lyon, France
#1
I have to say that is a very good thing that companies like StingHorn invest in research about the 770.
But why do they create a specific VPN solution ? There are standards around here : IPSEC and SSL ! Does the only standard they know about is a proprietary solution ?
Why do they to reinvent the wheel ?
Moreover their solution doesn't seem to use x509 certificates which would lead to management difficulties.

For now, waiting for a port of OpenS/Wan, I'm using openvpn with certificates. A little slow to start by functional. Good job.

openvpn is a defacto (and open) standard in the Linux world not a true standard however.

db
 
disq is offline disq
2006-03-13 , 09:30
Posts: 191 | Thanked: 10 times | Joined on Feb 2006
#2
if you look at the screenshots you'll see that they're using l2tp, which is also a standard a'la pptp and ipsec.
 
Gourmet is offline Gourmet
2006-03-13 , 11:17
Posts: 50 | Thanked: 2 times | Joined on Jan 2006 @ Lyon, France
#3
Originally Posted by disq
if you look at the screenshots you'll see that they're using l2tp, which is also a standard a'la pptp and ipsec.
You're right.Indeed I haven't seen the following http://www.stinghorn.com/doc/p06-shn-vpn-stopped.png
before my post.
And in the StingHorn article they talk about L2TP/IPsec : "The freely distributed client software enables automatically secure VPN connections to Stinghorn Secure Business Suite's L2TP/IPsec VPN gateway".
Sorry for my precipitation;

The latest screen shows that they are well using IPSEC, even a racoon daemon on the client side. Racoon is standard amongst open source solutions (which are openS/Wan, racoon and ISAKMPD).

So, BRAVO and a good thing ... finally.

But I wonder if a standard solution on the server side (racoon for example) will work with their client.

I suppose that it won't be the case for commercial reasons ...

So, to be tested ... Hoping it doesn't need a new kernel (with crypto libraries as modules).

db
 
disq is offline disq
2006-03-13 , 12:38
Posts: 191 | Thanked: 10 times | Joined on Feb 2006
#4
there's also this, posted in maemo-developers.

Mika Bostrom
<bostik@stinghorn.com> to maemo-developers

Stinghorn is pleased to announce the availability of our
L2TP/IPsec VPN client for Nokia 770.

* Clean GUI
* Although requires a custom kernel image, still simple
to install
* Sources readily available for all parties
* Works like a charm

You can check out our opensource site at
http://opensource.stinghorn.com/stinghorn-trac/wiki and
get the sources from our Subversion repository at
http://opensource.stinghorn.com/svn/

Instructions for building your own client and kernel
are also available, in case you feel unsure about using a
third-party provided (that would be us) one.

Personal credits: for writing the client, Tomi Ollila,
who has been actually pestering you on this very list about
packaging and menu issues. My involvement was limited to just
getting the components for L2TP/IPsec connection built and
working.

Why build a client like this? We offer a commercial
L2TP/IPsec VPN gateway which works seamlessly with several
platforms - with now Nokia 770 included.

On behalf of entire Stinghorn team, enjoy.

--
Mika Boström \-/ "World peace will be achieved
Bostik@stinghorn.com X when the last man has killed
+358 40 759 0016 /-\ the second-to-last." -anon?
 
Wooky is offline Wooky
2006-03-13 , 13:02
Posts: 41 | Thanked: 0 times | Joined on Dec 2005 @ Brasil
#5
Custom kernel image? that smells bad. Can't the necessary stuff be built as modules? Otherwise we'll end up with a bunch of apps each needing their own custom kernel images and thus incompatible between themselves.
 
disq is offline disq
2006-03-13 , 13:48
Posts: 191 | Thanked: 10 times | Joined on Feb 2006
#6
it should be possible, but i think they just didn't bother as of now. you could e-mail the company and ask them about it. (or maybe if we get lucky they might drop by here and give us some answers )

the opensource site he mentions also has client installation and compilation instructions btw.
 
fanoush is offline fanoush
2006-03-13 , 15:01
Posts: 2,152 | Thanked: 1,490 times | Joined on Jan 2006 @ Czech Republic
#7
Originally Posted by Wooky
Custom kernel image? that smells bad. Can't the necessary stuff be built as modules?
No. At least not everything. Check their wiki link for details.
And pptp needs custom kernel too. Looks like OpenVPN is the only solution with stock kernel.

Custom kernel is not so dangerous. If you are afraid you can first load and boot custom kernel without touching the flash memory. You need linux flasher executable for this ('flasher -l -b -k kernelimage' boots is without flashing). And later when you find the kernel is working you can flash it without touching the rootfs. It can be done without loosing any data if done with care.
 
Harpwell is offline Harpwell
2007-10-22 , 12:40
Posts: 3 | Thanked: 0 times | Joined on Oct 2007
#8
Hey guys

Stinghorn site is not available. Does anybody have downloaded this software before? Share it pleaeese! Need L2tp very much!
 
Reply

« Previous Thread | Next Thread »

 
Forum Jump


All times are GMT. The time now is 13:58.

Contact Us - Home - Archive - Top