[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How's IPSEC implementation tested



On Mon, Mar 11, 2002 at 10:34:43PM +0530, Channa wrote:

 > I am in the process of developing IPSEC, I wanted to know if there is
 > IPSEC test suites available for free.

You can use two remote tests available:

http://isakmp-test.ssh.fi/ (SSH Communications)
http://ipsec-wit.antd.gov/ (NIST)

The latter was not working last week, but I've got reply from NIST
saying that it will be operational soon (this week).

 > We have Win-2000 server  with us, is
 > it possible to test out implementation with the Win-2000 IPSEC, basically
 > without IKE and with manual keying? if so how do you go about it?

AFAIK Windows 2000 IPSec implementation doesn't allow you to setup
ESP/AH manually, it has to be done via IKE. I don't know why it's like
that, probably some political decision at Microsoft because I was told
that it was possible in the early betas.

-- 
Pawel Krawczyk * http://echelon.pl/kravietz/
Krakow, Poland * http://ipsec.pl/