Ipsec-tools interoperability chart

Symetric modes

Peer	Authentication methods
Peer	Pre-Shared Key	RSA Sig
Ipsec-Tools' Racoon HEAD	OK	OK
Ipsec-Tools' Racoon 5.2	OK	OK
Kame's Racoon 0.3	OK (Untested)	OK (Untested)
OpenSwan 2.3	OK (Untested)	OK (Untested) ¹
Cisco Concentrator 3k	OK	OK
SideWinder	OK (Untested)	OK
Solaris 10 iked	Not OK	Not OK

1 : With the plainrsa tool ?

XAuth modes, racoon as server

Peer	Authentication methods			Extensions
Peer	Pre-Shared Key + XAuth	Hybrid RSASig + XAuth	RSA Sig + XAuth	Mode Config	Cisco Unity
Ipsec-Tools' Racoon HEAD	OK	OK	OK	OK	OK
Ipsec-Tools' Racoon 5.2	N/A	OK	N/A	OK	OK
OpenSwan 2.3	OK (Untested)	N/A	N/A	N/A	N/A
Cisco VPN Client	OK ¹	OK ²	OK ³	OK	OK

1 : Shown as group authentication
2 : Shown as mutual group authentication ; the group password is ignored
3 : Shown as certificates

XAuth modes, racoon as client

Peer	Authentication methods			Extensions
Peer	Pre-Shared Key + XAuth	Hybrid RSASig + XAuth	RSA Sig + XAuth	Mode Config	Cisco Unity
Ipsec-Tools' Racoon HEAD	OK	OK	OK	OK ¹	OK ¹
Ipsec-Tools' Racoon 5.2	N/A	OK	N/A	OK ¹	OK ¹
OpenSwan 2.3	OK (Untested)	N/A	N/A	Unknown	Unknown
Cisco Concentrator 3k	OK	Not OK ²	OK	OK ¹	OK ¹

1 : Racoon supports most of the options, by the way of scripts
2 : Uses an unkown proprietary extension for the group password

Legend

OK : Works, tested.
OK (Untested) : In theory, should work.
Unknown : Unclear if it's supported.
Not OK : Doesn't work even if it should.
N/A : Unsupported by the peer.

Back - contact me

Page last modified the 26/10/2005 - XHTML 1.1 strict and CSS 2.0.