Thanks for all the suggestions, this is so helpful. I have to say I thought using the redhat-config-network tool was the easiest way to do it, but once again I realize how graphical tools can be misleading sometimes. I have no ipsec.conf anywhere, so I assume I am not using freeswan. I checked on the site, but I cannot find any freeswan for kernel 2.4.21-*; it looks like there's only 2.4.20 or 2.4.22, so I am stuck. Checked the old updates for a 2.4.20 kernel but couldn't find any. If anyone can point me somewhere I can find a kernel suitable for freeswan I'd appreciate it (running CentOS 3). I am not stuck with any solution, so OpenVPN is an option, although I found this good guide to make it work between cisco pix and freeswan and I'd rather give it a try. I read on the site that freeswan is no longer under development; should this worry us? And a final consideration: the box I am trying to VPN is the natting gateway, so thanks for the hints on iptables configuration.
Simone
Peter Farrow wrote:
On average it takes me less than 5 minutes to set up a VPN with freeswan.....
4 mins of this usually involve finding the right kernel versions....
P. :-)
If anyone wants to know the easy way to use freeswan, drop me a line; it really is very simple.
Les Mikesell wrote:
On Mon, 2005-05-23 at 13:44, Jonathan wrote:
If you are not stuck to IPSec, you might want to take a look at OpenVPN (www.openvpn.org). I found OpenVPN easier to install than FreeSWAN (an IPSEC VPN) and have set up an OpenVPN solution between my German office and our main office in a matter of hours.
I have to second (resoundingly) Thom on this one. FreeSWAN is perhaps the most painful tool I have ever dealt with on a linux system, and I would avoid it if you could. OpenVPN is much more user friendly, though ultimately my company ended up using hardware appliances here (turned out to be cheaper than paying the sysadmin regularly to keep things up).
If you are running CentOS 3.x you still have CIPE as a fill-in-the-form option in the redhat-config-network GUI (click the 'new' button above the devices tab). Unfortunately it is gone in CentOS 4.
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos