[CentOS] VPN

Tue May 24 08:28:53 UTC 2005
Simone <simone72 at email.it>

Thanks, for all the suggestions, this is so helpful.
I have to say I thought using the redhat-config-network tool was the 
easiest way to do it, but once again I realize how graphical tools can 
be misleading sometimes. I have no ipsec.conf anywhere, so I assume I am 
not using freeswan. I checked on the site, but I cannot find any 
freeswan for kernel 2.4.21-* looks like there's only 2.4.20 or 2.4.22, 
so I am stuck. Checked the old updates for a 2.4.20 kernel but couldn't 
find any. If anyone can point me somewhere I can find a kernel suitable 
for freeswan I'd appreciate (running CentOS 3).
I am not stuck with any solution, so OpenVPN is an option, although I 
found this good guide to make it work between cisco pix and freeswan and 
I'd rather give it a try. I red on the site that freeswan is no more 
under development, should this worry us?
And final consideration, the box I am trying to VPN is the natting 
gateway, so thanks for the hints on iptables configuration.


Simone

Peter Farrow wrote:

> on average i takes me less than 5 minutes to setup vpn with freeswan.....
>
> 4 mins of this usually involve finding the right kernel versions....
>
> P.
> :-)
>
> If anyone wants to know the easyway to use freeswan drop me aline it 
> really is very simple.
>
>
> Les Mikesell wrote:
>
>>On Mon, 2005-05-23 at 13:44, Jonathan wrote:
>>
>>  
>>
>>>>IF you are not stuck to IPSec, you might want to take a look at OpenVPN (www.openvpn.org). I found OpenVPN easier to install than FreeSWAN (an IPSEC VPN) and have setup an OpenVPN solution between my German office and our mainoffice in a matter of hours.
>>>>
>>>> 
>>>>
>>>>      
>>>>
>>>I have to second (resoundingly) Thom on this one.  FreeSWAN is perhaps 
>>>the most painful tool I have ever dealt with on a linux system, and I 
>>>would avoid it if you could.  OpenVPN is much more user friendly, though 
>>>ultimately my company ended up using hardware appliances here (turned 
>>>out to be cheaper than paying the sysadmin regularly to keep things up).
>>>    
>>>
>>
>>If you are running Centos 3.x you still have CIPE as a fill-in-the-form
>>option in the redhat-config-network GUI (Click the 'new' button above
>>the devices tab).  Unfortunately it is gone in Centos 4.
>>
>>  
>>
>------------------------------------------------------------------------
>
>_______________________________________________
>CentOS mailing list
>CentOS at centos.org
>http://lists.centos.org/mailman/listinfo/centos
>  
>