Differences
This shows you the differences between two versions of the page.
| docs:guide-user:services:vpn:ipsec:openswan:site2site [2020/10/05 00:34] – formatting vgaetera | docs:guide-user:services:vpn:libreswan:site2site [2021/08/30 04:17] – [Troubleshooting] vgaetera | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== IPsec site-to-site ====== | ====== IPsec site-to-site ====== | ||
| - | | For an overview over all existing Virtual private network (VPN)-related articles in the OpenWrt wiki, please visit [[docs: | ||
| - | For all those people who want to use openswan for a site to site connection here are the gory details... | ||
| - | |||
| ===== Background ===== | ===== Background ===== | ||
| In our office environment we use CentOS on many of our internet facing servers. | In our office environment we use CentOS on many of our internet facing servers. | ||
| Line 9: | Line 6: | ||
| This can be accomplished by killing off the racoon service and starting it again. | This can be accomplished by killing off the racoon service and starting it again. | ||
| This is not particularly helpfull. | This is not particularly helpfull. | ||
| - | RedHat have decided to move to openswan | + | RedHat have decided to move to Libreswan |
| We are now in the process of migrating all our IPsec VPN connections to CentOS 6.x. | We are now in the process of migrating all our IPsec VPN connections to CentOS 6.x. | ||
| ===== Preparation ===== | ===== Preparation ===== | ||
| - | ==== Background Reading ==== | ||
| - | [[https:// | ||
| - | |||
| [[wp> | [[wp> | ||
| - | A good grounding on openSwan | + | A good grounding on Libreswan |
| Note KLIPS is used in openWRT and NETKEY is used in RHEL 6.x / CentOS 6.x the pecularities of this are discussed later. | Note KLIPS is used in openWRT and NETKEY is used in RHEL 6.x / CentOS 6.x the pecularities of this are discussed later. | ||
| - | ==== Required Packages | + | ==== Installation |
| - | === Server (OpenWrt) === | + | |
| - | You need to install the openswan package | + | |
| - | + | ||
| - | === Server (RHEL 6.x / CentOS 6.x) === | + | |
| <code bash> | <code bash> | ||
| - | yum install openswan | + | opkg install |
| - | </ | + | |
| - | + | ||
| - | ===== Installation ===== | + | |
| - | Use the graphical package manager to install openswan or from the command prompt using [[docs: | + | |
| - | + | ||
| - | <code bash> | + | |
| - | opkg install | + | |
| </ | </ | ||
| ===== Configuration ===== | ===== Configuration ===== | ||
| - | ==== OpenWrt ==== | ||
| - | Edit **/ | ||
| - | |||
| <code bash> | <code bash> | ||
| + | # vi / | ||
| include / | include / | ||
| - | </ | ||
| - | Edit **/ | + | # vi / |
| - | + | ||
| - | <code bash> | + | |
| include / | include / | ||
| </ | </ | ||
| Line 100: | Line 78: | ||
| # Firewall | # Firewall | ||
| - | iptables-save | + | iptables-save |
| </ | </ | ||
| ===== Notes ===== | ===== Notes ===== | ||
| - | * The Project Homepage: [[http:// | + | * The project homepage: [[http:// |
| - | * a very good tutorial: [[http:// | + | * A very good tutorial: [[http:// |
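Review bot: In the Configuration part of the "Line 9 / Line 6" hunk, the two `Edit **/…**` sentences are replaced by `# vi /…` comments inside one `<code bash>` block, so the `include /…` lines that follow now read as shell commands instead of the contents of two different files. Keep one code block per file, or say in prose above the block that each `include` line belongs in the file named by the comment before it. The same hunk removes the `yum install openswan` step for the RHEL 6.x / CentOS 6.x side while the unchanged Background lines still describe CentOS peers, so the page should say where the peer-side install is now covered. While these lines are being touched, the unchanged context still carries "helpfull" and "pecularities".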
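Review bot: In the Notes part of the "Line 100 / Line 78" hunk, only the capitalisation of "The project homepage" and "A very good tutorial" changes and both links keep their `[[http://` scheme. Since the two lines are already being edited, check whether each target is served over HTTPS and update the link if so, so that readers of a VPN setup guide are not sent to configuration advice over an unauthenticated connection.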