IPSec VPN docs
Christopher K. Johnson
ckjohnson at gwi.net
Wed Mar 24 15:03:53 UTC 2004
Mark Haney wrote:
> On Sun, 21 Mar 2004 18:33:13 -0500, Christopher K. Johnson
> <ckjohnson at gwi.net> wrote:
>
>
>> The easiest way to configure ipsec vpn and still keep kernel maintenance
>> simple is by using the 2.6 kernel. Follow notes elsewhere on how to
>> migrate to the 2.6 kernel, and hopefully the attached note will help you
>> from there. It is a work in progress.
>>
>
> Hi Chris, thanks for the docs on this. Just one question, I'm not
> really worried about kernel maintenance so I'd prefer to stick with
> the latest FC1 kernel (2.4.22-1.2174?) and use FreeS/Wan. Will this
> doc work on this configuration as well?
>
No, because FreeS/Wan patches to 2.4 kernel utilize a tunnel interface
device. So the interface configuration is different, and the iptables
would utilize the tunnel interface as the input interface for packets
coming from a vpn peer.
Check out http://lartc.org/howto/lartc.ipsec.html which makes this
distinction, and the freeswan docs linked from there.
--
-----------------------------------------------------------
"Spend less! Do more! Go Open Source..." -- Dirigo.net
Chris Johnson, RHCE #807000448202021
More information about the users
mailing list