[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: AW: Firewall Planning

Jose Guzman wrote:
Chavez, Bruce wrote:

 >If you want to go even further you can create a VPN over your wireless
 >network to ecrypt data.

do you have as documentation or a link to this ???

Check the freeswan project at  http://www.freeswan.org

There are debian packages for freeswan in woody, and work great, a kernel patch is needed for 2.4.x. In 2.6.x ipsec support is built-in and you don't need freeswan, but last time I checked, there was not much documentation on ipsec over linux 2.6.

Ipsec in the windows world is a bit harder to get working, but is possible, the easier way I hear is with pptp, which linux supports, although it is regarded as a worse solution, security-wise.

There was info on how to get a win2k box talk ipsec here: http://jixen.tripod.com/win2k-screen.html but it appears it's no longer there, I made a copy of the site, which included screenshots and a straightforward description of the trick, if you need it, I can put it somewhere for download.

have fun


please reply to the list

There is an ipsec howto on kernel 2.6.x at http://www.ipsec-howto.org/x237.html

I would suggest you start using this KAME TOOLS option (ipsec for 2.6.x) with kernel 2.4.22 source package from debian (which has 2.6 ipsec stuff in it), you have a stable kernel, you have latest ipsec method and you dont need freeswan wich probably will become obsolete when 2.6.x becomes stable.

Follow the howto of the url and youll have ipsec working in no time.

Hope this helps


Reply to: