If you want an easy way to setup IPsec, contact a network security consultant that understands it. I think they are rare.
One organization that I know does understand IPsec is protectix. They offer a turn-key solution which is designed around open source. The advantage of using protectix is they also develop IPsec devices. http://www.protectix.com/ Their device is called the Prowall. If this is not feasible or you want to do it yourself, start reading. Read all the documents on the IPsec listserve. http://lists.freeswan.org Design: http://lists.freeswan.org/pipermail/design/ Using: http://lists.freeswan.org/pipermail/users/ Briefs: http://lists.freeswan.org/pipermail/briefs/ Here is an intro to VPN http://www.synthcom.com/~val/cs510/termpaper.htm -Ted Knab Senior Otaku Breezy Network Solutions On Tue, Jul 10, 2001 at 11:25:24AM -0500, Jeremy Gaddis wrote: > Using an IPSec VPN is probably the "best" way to do it. > FreeS/WAN (http://www.freeswan.org) is a Linux implementation > of IPSec, but it's not the easiest thing in the world to > configure. > > j. > > -- > Jeremy L. Gaddis <[EMAIL PROTECTED]> > > -----Original Message----- > From: Stephane Bortzmeyer [mailto:[EMAIL PROTECTED] > Sent: Tuesday, July 10, 2001 10:36 AM > To: [email protected] > Subject: Recommended way to setup an encrypted tunnel (a VPN) > > > I have to connect two networks together and the virtual link needs to > be safely encrypted (some users know SSH but some will just POP > blindly and LDAP in woody is not SSLized anyway). > > I wonder what is the recommended way to setup an encrypted tunnel (to > make a VPN) between two Debian boxes: > > - I tried pipsecd + userlink. The userlink module seems severely > broken, at least with kernel 2.4. A simple ifconfig stays in D 'disk > wait' forever! > > - ssh + ppp seems interesting because I know both of them. But is > there a trick when you combine them? > http://www.linuxdoc.org/HOWTO/VPN-HOWTO.html does not seem to be > maintained. > > - GRE module in the kernel? (I use 2.4 on woody) Anyone has something > to say about it? >
