The state of IPSec in Debian
Hi!
I am not a completely unexperienced user of Debian, but sometimes
certain subsystems and choices still puzzle me. Right now this
is IPSec.
There used to be several implementations, but am I right that
the only sensible one right now is Strongswan?
https://wiki.debian.org/IPsec
goes on about the "experimental" Linux 2.5 series and "now that Sarge
is released", i.e. is woefully out of date, so much that I would call
it confusing.
Is there some more recent documentation on setting up an ipsec
tunnel on Debian in 2019 (and not in 2009 ;) or should I just go
by the StrongSwan docs, e.g.
https://www.strongswan.org/testing/testresults/swanctl/net2net-psk/
?
Strongswan seems to have two configuration systems, the
"deprecated" stroke plugin with ipsec.conf and the
"preferred" vici plugin with "swanctl.conf". Should I
use the "deprecated" stuff with Debian nevertheless?
Or am I completely wrong and should I use some other implementation?
TIA
/ralph
--
-----------------------------------------------------------------------------
https://aisg.at
ausserirdische sind gesund
Reply to: