[CentOS] VPN

Tue May 24 09:02:03 UTC 2005
Simone <simone72 at email.it>

Well, I would use lastest 2.4 kernel, 2.4.21-27.0.4, but  I downloaded 
freeswan-utils-2.05 and kernel-module-freeswan-2.05 from dags repository 
for kernel 2.4.21-15 and I am giving it a try with that kernel. I would 
certainly appreciate if you could provide a set for the latest 2.4 
kernel, and even more I would appreciate if you could tell me how to 
find it myself. I have seen on freeswan's website that I can grab the 
srpms, so I was wondering if recompilig could be an option (maybe with 
dag's spec file?) to always have a working freeswan set no matter which 
kernel I am using.

Thanks again, have a nice day

Simone

Peter Farrow wrote:

> Give me your kernel version and I will find you an Ipsec compatible 
> set .....
>
> I have used 2.4.20... with IPSec...
>
> P.
>
>
> Simone wrote:
>
>> Thanks, for all the suggestions, this is so helpful.
>> I have to say I thought using the redhat-config-network tool was the 
>> easiest way to do it, but once again I realize how graphical tools 
>> can be misleading sometimes. I have no ipsec.conf anywhere, so I 
>> assume I am not using freeswan. I checked on the site, but I cannot 
>> find any freeswan for kernel 2.4.21-* looks like there's only 2.4.20 
>> or 2.4.22, so I am stuck. Checked the old updates for a 2.4.20 kernel 
>> but couldn't find any. If anyone can point me somewhere I can find a 
>> kernel suitable for freeswan I'd appreciate (running CentOS 3).
>> I am not stuck with any solution, so OpenVPN is an option, although I 
>> found this good guide to make it work between cisco pix and freeswan 
>> and I'd rather give it a try. I red on the site that freeswan is no 
>> more under development, should this worry us?
>> And final consideration, the box I am trying to VPN is the natting 
>> gateway, so thanks for the hints on iptables configuration.
>>
>>
>> Simone
>>
>> Peter Farrow wrote:
>>
>>> on average i takes me less than 5 minutes to setup vpn with 
>>> freeswan.....
>>>
>>> 4 mins of this usually involve finding the right kernel versions....
>>>
>>> P.
>>> :-)
>>>
>>> If anyone wants to know the easyway to use freeswan drop me aline it 
>>> really is very simple.
>>>
>>>
>>> Les Mikesell wrote:
>>>
>>>> On Mon, 2005-05-23 at 13:44, Jonathan wrote:
>>>>
>>>>  
>>>>
>>>>>> IF you are not stuck to IPSec, you might want to take a look at 
>>>>>> OpenVPN (www.openvpn.org). I found OpenVPN easier to install than 
>>>>>> FreeSWAN (an IPSEC VPN) and have setup an OpenVPN solution 
>>>>>> between my German office and our mainoffice in a matter of hours.
>>>>>>
>>>>>>
>>>>>>
>>>>>>     
>>>>>
>>>>>
>>>>> I have to second (resoundingly) Thom on this one.  FreeSWAN is 
>>>>> perhaps the most painful tool I have ever dealt with on a linux 
>>>>> system, and I would avoid it if you could.  OpenVPN is much more 
>>>>> user friendly, though ultimately my company ended up using 
>>>>> hardware appliances here (turned out to be cheaper than paying the 
>>>>> sysadmin regularly to keep things up).
>>>>>   
>>>>
>>>>
>>>>
>>>> If you are running Centos 3.x you still have CIPE as a 
>>>> fill-in-the-form
>>>> option in the redhat-config-network GUI (Click the 'new' button above
>>>> the devices tab).  Unfortunately it is gone in Centos 4.
>>>>
>>>>  
>>>>
>>> ------------------------------------------------------------------------ 
>>>
>>>
>>> _______________________________________________
>>> CentOS mailing list
>>> CentOS at centos.org
>>> http://lists.centos.org/mailman/listinfo/centos
>>>  
>>>
>>
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> http://lists.centos.org/mailman/listinfo/centos
>
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>