[CentOS] IPSec VPN Under CentOS 5.4

Geoff Galitz geoff at galitz.org
Thu Oct 22 19:08:37 UTC 2009

> Geoff Galitz wrote:
>> Openswan is your friend.  I have it running (under OpenSUSE) and it is
>> quite easy.  I tend to favor IPsec over SSL as I don't like to have
>> openssl as a dependancy.
>> http://www.openswan.org
> On the other hand, if you don't have a strict requirement for IPsec, it is
> much
> easier to get the udp or tcp packets that work for openvpn through NAT and
> port-forwarding routers.

True for port fowarding, but current versions of Openswan (that is,
currently available in most public repos) work just fine with NAT.  I am
using it in NAT environment and I did not have to make NAT/Masquerading
adjustments.  This was not always the case, and the Openswan docs still
refer to adjustments for NAT networks... but as I said it works just fine
for us without adjustments.


Geoff Galitz
Blankenheim, DE

More information about the CentOS mailing list