Check out the new USENIX Web site. next up previous
Next: Security Considerations Up: Conclusion Previous: Future Directions


We have attended a couple of interoperability workshops as well as carried out our own tests and have succeeded remarkably well, given the complexity of the IKE specifications. A lot may be attributed to our flexible configuration which, however, cannot be said to be user-friendly. We have been known to interoperate with the 3com Pathbuilder 500, Ashley Laurent VPCom, Axent Raptor, Cendio Fuego Firewall, CheckPoint FireWall-1, Cisco IOS, Cisco PIX, F-secure VPN+, FreeBSD/NetBSD KAME, Intel LanRover, Linux FreeS/WAN, Nortel Contivity, PGP VPN, Radguard cIPro, Teamware TWISS, Windows 2K, and Timestep Permit.

Most of this interoperation has been with pre-shared keys. Unfortunately we have not yet had a chance to do extensive certificate-based interoperability testing.

Angelos D. Keromytis