[CentOS] IPSec VPN Under CentOS 5.4
geoff at galitz.org
Thu Oct 22 18:08:37 UTC 2009
> Geoff Galitz wrote:
>> Openswan is your friend. I have it running (under OpenSUSE) and it is
>> quite easy. I tend to favor IPsec over SSL as I don't like to have
>> openssl as a dependancy.
> On the other hand, if you don't have a strict requirement for IPsec, it is
> easier to get the udp or tcp packets that work for openvpn through NAT and
> port-forwarding routers.
True for port fowarding, but current versions of Openswan (that is,
currently available in most public repos) work just fine with NAT. I am
using it in NAT environment and I did not have to make NAT/Masquerading
adjustments. This was not always the case, and the Openswan docs still
refer to adjustments for NAT networks... but as I said it works just fine
for us without adjustments.
More information about the CentOS