Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

IPSec 1

Status
Not open for further replies.
peterve

peterve

IS-IT--Management
Mar 19, 2000
1,348
NL
Does anyone has some good links on how to set up
1. IPSec tunnels between 2 RedHat Linux 7.2 IPtables firewalls (in order to connect to offices over the internet)
2. set up IPSec server, and connect to it with a Win2K client
3. use RedHat Linux 7.2 to connect to a Win2K IPSec-enabled server

thanks

--------------------------------------------------------------------
How can I believe in God when just last week I got my tongue caught in the roller of an electric typewriter?
---------------------------------------------------------------------
If this post was helpfull, please click below to let me know !
 
Sort by date Sort by votes
I was not looking for the link to FreeSwan;
I'm looking for some docs from guys who already used it and have set it up... (more step by step... the FreeSwan docs are somewhat confusing...)

thanks

Peter --------------------------------------------------------------------
How can I believe in God when just last week I got my tongue caught in the roller of an electric typewriter?
---------------------------------------------------------------------
If this post was helpfull, please click below to let me know !
 
Upvote 0 Downvote
I'll have a look at it... thanks !

by the way : have you ever installed Freeswan on a RH7.2 ? --------------------------------------------------------------------
How can I believe in God when just last week I got my tongue caught in the roller of an electric typewriter?
---------------------------------------------------------------------
If this post was helpfull, please click below to let me know !
 
Upvote 0 Downvote
Yes. Takes a little while to configure, but works very well when it's up and running.

I couldn't really give you any tips, I can only seem to get it to work with shared secrets, not pgp keys.

If you find a site that has an idiot's guide to setting up freeswan to use pgp keys, or if you manage to get it to work, could it post it here? C:\DOS:>
C:\DOS:>RUN
RUN DOS RUN!!
 
Upvote 0 Downvote
sure... maybe I can write it... I'm an Freeswan idiot at this point ;-)

let's go through the install guide quickly

1. I have to recompile the kernel (and I'm adding iptables 1.2.6a during recompilation
-> kernel recompilation BEFORE installing Freeswan seems to be necessary... any idea why ?

2. I have to install Freeswan
I guess I will have to recompile the kernel again...
any specific options that should be enabled in the kernel config ?
3. Configure freeswan


is this correct ?
--------------------------------------------------------------------
How can I believe in God when just last week I got my tongue caught in the roller of an electric typewriter?
---------------------------------------------------------------------
If this post was helpfull, please click below to let me know !
 
Upvote 0 Downvote
1) Freeswan is actually compiled into the kernel itself

2) You have to patch your kernel source with the freeswan distribution so that the ipsec options become active in the kernel config. Select these options while configuring the rest of your kernel, then compile and install as usual.

3) All the config is done using /etc/ipsec.conf, and all your keys & shared secrets reside in /etc/ipsec.secrets

After that, you should be able to connect to it from other machines using PGPNet, SSH Sentinel etc. with no problems.

Test the config first using shared secrets, so you can see if everything is working OK, then see if you can get the RSA key authentication working. C:\DOS:>
C:\DOS:>RUN
RUN DOS RUN!!
 
Upvote 0 Downvote
cool, thanks...

did you ever set it up with a Win2K client ? --------------------------------------------------------------------
How can I believe in God when just last week I got my tongue caught in the roller of an electric typewriter?
---------------------------------------------------------------------
If this post was helpfull, please click below to let me know !
 
Upvote 0 Downvote
Not with W2K's IPSec software. To tell you truth, I didn't really trust it!! I use PGPNet.

You shouldn't have any problems getting w2k's IPSec to work with Freeswan though. C:\DOS:>
C:\DOS:>RUN
RUN DOS RUN!!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

warmongr
  • Locked
  • Question
L2TP IPSEC
Replies
0
Views
30
warmongr
warmongr
BobMCT
  • Locked
  • Question
Anyone using a Linux IPSec VPN appliance?
Replies
2
Views
46
macd68
macd68
mnassih
  • Locked
  • Question
IPsec and IPv6
Replies
1
Views
53
lullysing
lullysing
esreverse
  • Locked
  • Question
Routing subnets, With Linux (IPsec-VPN)
Replies
5
Views
51
marsd
marsd
Rinnt
  • Locked
  • Question
VPN with IPSEC
Replies
0
Views
43
Rinnt
Rinnt

Part and Inventory Search

Sponsor

Back
Top