[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: WLAN access point, IPsec

To: misc@openbsd.org
Subject: Re: WLAN access point, IPsec
From: Pedro la Peu <pedro@am-gen.org>
Date: Fri, 19 Sep 2003 17:04:37 +0100
Content-Disposition: inline
References: <Pine.BSO.4.58.0309191423520.27943@herc.66h.42h.de>
User-Agent: KMail/1.5.2

> what "minimum" requirements would a WLAN access point box using
> OpenBSD and a PRISM2.5 card in HostAP mode have, if using no WEP,
> but IPsec?

For the hostap part, there's very little additional overhead. For the IPsec 
part, it depends on traffic, average packet sizes, suites used etc.

> Can IPsec use blowfish as cipher safely?

Not sure what you mean by 'safely', sorry.

> The box I have here is a Pentium-100, 128 MiB RAM, but it serves

Well, I have plenty of P2-200's w/32MB doing hostap, PF and IPsec with 
multiple S/A's and they seem mostly asleep. All use the following:

[Default-main-mode]
DOI=                    IPSEC
EXCHANGE_TYPE=          ID_PROT
Transforms=             3DES-SHA-RSA_SIG

[Default-quick-mode]
DOI=                    IPSEC
EXCHANGE_TYPE=          QUICK_MODE
Suites=                 QM-ESP-AES-SHA-PFS-SUITE

-p

References:
- WLAN access point, IPsec
  - From: Thorsten Glaser <tg-v2003@netcologne.de>

Prev by Date: Re: Routed issue.. I think
Next by Date: Re: three NIC problem
Prev by thread: WLAN access point, IPsec
Next by thread: Perforce under 3.3?
Index(es):
- Date
- Thread