IPSec VPN docs

Christopher K. Johnson ckjohnson at gwi.net
Wed Mar 24 15:03:53 UTC 2004


Mark Haney wrote:

> On Sun, 21 Mar 2004 18:33:13 -0500, Christopher K. Johnson 
> <ckjohnson at gwi.net> wrote:
>
>
>> The easiest way to configure ipsec vpn and still keep kernel maintenance
>> simple is by using the 2.6 kernel.  Follow notes elsewhere on how to
>> migrate to the 2.6 kernel, and hopefully the attached note will help you
>> from there.  It is a work in progress.
>>
>
> Hi Chris, thanks for the docs on this.  Just one question, I'm not 
> really worried about kernel maintenance so I'd prefer to stick with 
> the latest FC1 kernel (2.4.22-1.2174?) and use FreeS/Wan.  Will this 
> doc work on this configuration as well?
>
No, because FreeS/Wan patches to 2.4 kernel utilize a tunnel interface 
device.  So the interface configuration is different, and the iptables 
would utilize the tunnel interface as the input interface for packets 
coming from a vpn peer.

Check out http://lartc.org/howto/lartc.ipsec.html which makes this 
distinction, and the freeswan docs linked from there.

-- 
-----------------------------------------------------------
   "Spend less!  Do more!  Go Open Source..." -- Dirigo.net
   Chris Johnson, RHCE #807000448202021






More information about the users mailing list