Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

System Administration Guide: IP Services
Previous Next

What's New in IPsec?

Solaris Express, Developer Edition 2/07: In this release, IPsec fully implements tunnels in tunnel mode, and modifies the utilities that support tunnels.

  • IPsec implements tunnels in tunnel mode for Virtual Private Networks (VPNs). In tunnel mode, IPsec supports multiple clients behind a single NAT. In tunnel mode, IPsec is interoperable with implementations of IP-in-IP tunnels by other vendors. IPsec continues to support tunnels in transport mode, so is compatible with earlier Solaris releases.

  • The syntax to create a tunnel is simplified. To manage IPsec policy, the ipsecconf command has been expanded. The ifconfig command is deprecated for managing IPsec policy.

In this release, the /etc/ipnodes file is removed. Use the /etc/hosts file to configure network IPv6 addresses.

Solaris 10 1/06: In this release, IKE is fully compliant with NAT-Traversal support as described in RFC 3947 and RFC 3948. IKE operations use the PKCS #11 library from the cryptographic framework, which improves performance.

The cryptographic framework provides a softtoken keystore for applications that use the metaslot. When IKE uses the metaslot, you have the option of storing the keys on disk, on an attached board, or in the softtoken keystore.

Previous Next

 
 
  Published under the terms fo the Public Documentation License Version 1.01. Design by Interspire