Re: Ipsec - vpn on iptables
From: Cédric Blancher (blancher@cartel-info.fr)
Date: 09/10/01
- In reply to: red@bluewin.ch: "Ipsec - vpn on iptables"
Subject: Re: Ipsec - vpn on iptables
From: Cédric Blancher <blancher@cartel-info.fr>
To: red@bluewin.ch
Date: 10 Sep 2001 00:04:02 +0200
Message-Id: <1000073046.596.7.camel@elendil>
On Sat, 2001-09-08 at 10:38, red@bluewin.ch wrote:
> I'm using Linux with iptables as a firewall.
> I would like to install ipsec to connect for vpn, and I might need some
> help.
> My questions:
> 1. Is there a good how-to manual for creating the ipsec/vpn somewhere on
> the net?
For me, the best VPN implementation for Linux is actually FreeS/WAN
(http://www.freeswan.org/). On the site, you can find quite complete
documentation. For more specific questions, there's a lot of stuff in
the linux-ipsec mailing-list archives.
When firewalling IPSEC tunnels, you must be careful with:
IKE protocol (key exchange): UDP:500 to UDP:500
ESP (encrypted payload): IP protocol 50
AH (authentication header, not always used): IP protocol 51
> 2. To connect to this vpn with a win2000-client, which possibilities
> exist?
See the mailing list, some posts cover this topic. I even remember
someone wrote a paper about this (URL is posted on the mailing list, maybe
see Google).
--
Cédric Blancher
Systems and network security consultant
Cartel Informatique - Groupe CGBI - http://www.cartel-info.fr/
Tel: 01 44 06 97 87 - Fax: 01 44 06 97 99
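
The three traffic classes listed in the reply above (IKE on UDP 500 to 500, ESP as IP protocol 50, optional AH as IP protocol 51), written out as iptables rules. This is an added example, not part of the original post; the function name ipsec_fw_rules, the peer address 192.0.2.10 and the interface eth0 are constructed, and it assumes the tunnel terminates on the firewall itself, so the rules belong in INPUT and OUTPUT.

```shell
#!/bin/sh
# Added example: prints (does not apply) iptables rules that let one IPsec
# peer reach this gateway. Review the output before feeding it to a shell.
# Usage: ipsec_fw_rules PEER_IP WAN_IF [ah]
ipsec_fw_rules() {
    peer=$1
    ifc=$2
    want_ah=${3:-}

    # The output is meant to be executed later, so refuse anything that is
    # not a plain dotted address or a plain interface name.
    case $peer in
        ''|*[!0-9.]*) echo "bad peer address" >&2; return 1 ;;
    esac
    case $ifc in
        ''|*[!A-Za-z0-9._-]*) echo "bad interface name" >&2; return 1 ;;
    esac

    # IKE (key exchange): UDP, source port 500 to destination port 500.
    echo "iptables -A INPUT -i $ifc -s $peer -p udp --sport 500 --dport 500 -j ACCEPT"
    echo "iptables -A OUTPUT -o $ifc -d $peer -p udp --sport 500 --dport 500 -j ACCEPT"

    # ESP (encrypted payload): IP protocol 50. It is not TCP or UDP, so
    # there are no ports to match on, only the protocol number and the peer.
    echo "iptables -A INPUT -i $ifc -s $peer -p 50 -j ACCEPT"
    echo "iptables -A OUTPUT -o $ifc -d $peer -p 50 -j ACCEPT"

    # AH (authentication header): IP protocol 51, only if the tunnel uses it.
    if [ "$want_ah" = ah ]; then
        echo "iptables -A INPUT -i $ifc -s $peer -p 51 -j ACCEPT"
        echo "iptables -A OUTPUT -o $ifc -d $peer -p 51 -j ACCEPT"
    fi
}

# Constructed sample values when run without arguments.
ipsec_fw_rules "${1:-192.0.2.10}" "${2:-eth0}" "${3:-}"
```

Restricting each rule to the known peer and the external interface keeps ports and protocols from being opened to every source; a rule set that matches only on UDP 500 and forgets protocol 50 lets the key exchange succeed while the tunnel carries no traffic.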