[CentOS] IPSec VPN Under CentOS 5.4

Thu Oct 22 18:08:37 UTC 2009
Geoff Galitz <geoff at galitz.org>

> Geoff Galitz wrote:
>>
>> Openswan is your friend.  I have it running (under OpenSUSE) and it is
>> quite easy.  I tend to favor IPsec over SSL as I don't like to have
>> openssl as a dependancy.
>>
>> http://www.openswan.org
>
> On the other hand, if you don't have a strict requirement for IPsec, it is
> much
> easier to get the udp or tcp packets that work for openvpn through NAT and
> port-forwarding routers.
>


True for port fowarding, but current versions of Openswan (that is,
currently available in most public repos) work just fine with NAT.  I am
using it in NAT environment and I did not have to make NAT/Masquerading
adjustments.  This was not always the case, and the Openswan docs still
refer to adjustments for NAT networks... but as I said it works just fine
for us without adjustments.


-geoff


------------------------------
Geoff Galitz
Blankenheim, DE
http://www.galitz.org