Sorry, Michael, I just forwarded it out there in case you saw it and thought “hey, this could be useful.” Otherwise, just ignore.

As for functionality, I don’t have any urgent needs currently, but it had been discussed trying to implement a more cohesive IPSec road warrior solution, like what has been done by Algo, including Apple configuration profiles, Windows installation scripts, and sane cryptography choices. 

https://blog.trailofbits.com/2016/12/12/meet-algo-the-vpn-that-works/

I think that would be a major selling point for IPFire.

Tom

On Sep 25, 2018, at 5:09 AM, Michael Tremer <michael.tremer@ipfire.org> wrote:

Hey Tom,

thanks for that link.

I had a quick browser around and looked at the code. It is a little bit chaotic
because it is not written in a very Python-y way. Everything is in a function
and the author didn't use any classes. Probably would have been better written
in shell script.

However, there are some more flaws in it regarding the strongSwan configuration
(weakest crypto being tried first) and that is not a good foundation.

What is the solution you are looking for? Making RW work with IPsec for mobile
devices?

Best,
-Michael

On Mon, 2018-09-24 at 20:59 -0400, Tom Rymes wrote:
Ack. My first thought was that this was for Raspbery Pi, but then no mention
was made, so I sent this message. Further reading seems to indicate that it is
for Pi devices. Regardless, perhaps some of the work could be adopted to help
improve the roadwarrior IPSec experience?

Tom

On Sep 24, 2018, at 8:45 PM, Tom Rymes <trymes@rymes.com> wrote:

I saw this on the Strongswan users list, so I’m sure you are all already
aware of it, but I don’t know if it has any potential use for IPFire.

Tom

https://github.com/gitbls/pistrong/tree/master