There are several ways to implement a VPN on your Linux servers. This is the second tip in our series on VPN operating system interoperability. In the previous tip, Configure VPNs with Unix, we looked at how to configure two Unix servers.
In this part, we'll discuss using VPNs on Linux. Some of these solutions will depend on the Linux distribution that you are using.
IPsec for GNU/Linux -- provided by FreeS/WAN
This popular implementation of IPsec for GNU/Linux is available for Linux kernels 2.2 and later (they provide a version for the 2.6 kernel). This is a free software-based VPN solution that uses a standardized Internet Protocol security (IPsec) implementation.
SSL VPN
You can start with OpenVPN, which is a full-featured SSL VPN solution. Unlike other SSL VPN solutions, OpenVPN requires a client application installed on remote machines, though the client is supported on many platforms, including Windows. It is not standardized, which means you have to use the same solution on both client and server. It is very easy to configure: it uses a tun/tap device, so it automatically builds a tunnel between the client and the server.
RHEL IPsec using IKE
Each Linux distribution has its own way of doing things. Red Hat Enterprise Linux supports IPsec for connecting remote hosts and networks to each other using a secure tunnel on a common carrier network such as the Internet. IPsec can be implemented using either a host-to-host (PC-to-PC) or network-to-network (one LAN/WAN to another LAN/WAN) configuration. Red Hat's IPsec implementation uses Internet Key Exchange (IKE), which is a protocol implemented by the Internet Engineering Task Force (IETF). It is used for mutual authentication and secure associations between connecting systems.
Here's how it works: Essentially, an IPsec connection is split into two logical phases.
Red Hat's implementation of IPsec uses IKE for sharing keys between hosts across the Internet.
Requirements
In order to implement IPsec in Red Hat, the ipsec-tools RPM package must be installed on all IPsec hosts or routers, depending on whether this is a host-based or network-based design. There are two ways to configure IPsec on Red Hat. One is to use the GUI (Network Administration Tool), and the other is to edit networking and IPsec configuration files manually. We detail the GUI steps in this article.
The first step in creating a connection is the information-gathering stage. You'll need the IP addresses, a unique name to establish the connection, a fixed encryption key and a pre-shared authentication key, which is used to initiate and encrypt keys during the session.
The steps are as follows:
At this point, you must follow the same steps for your other host. Don't forget to use the same keys from step 8 on the other hosts; otherwise, IPsec won't work.
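For the manual-file route mentioned under Requirements, the sketch below is an added example, not part of the original article. It stages matching files for both hosts with one randomly generated pre-shared key and a key file readable only by its owner. It assumes Red Hat's network-scripts layout (ifcfg-<name> and keys-<name> holding DST, TYPE, IKE_METHOD and IKE_PSK), which the article does not spell out; the connection name ipsec0, the staging directory and the 192.0.2.x addresses are constructed.

```shell
#!/bin/sh
# Added example: stage host-to-host IPsec PSK files for two peers.
# Writes to a staging directory, not /etc/sysconfig/network-scripts, so the
# result can be reviewed before it is copied to each host over a secure channel.

# Generate a pre-shared key: 32 bytes from the kernel CSPRNG, hex-encoded.
gen_psk() {
    od -An -N32 -tx1 /dev/urandom | tr -dc '0-9a-f'
}

# write_ipsec_host STAGE_DIR CONN_NAME PEER_IP PSK
write_ipsec_host() {
    dir=$1; name=$2; peer=$3; psk=$4
    mkdir -p "$dir" || return 1
    old_umask=$(umask)
    umask 077                     # key file is never world-readable, even briefly
    printf 'IKE_PSK=%s\n' "$psk" > "$dir/keys-$name"
    umask "$old_umask"
    chmod 600 "$dir/keys-$name"   # enforce 0600 even if the file already existed
    cat > "$dir/ifcfg-$name" <<EOF
DST=$peer
TYPE=IPSEC
ONBOOT=yes
IKE_METHOD=PSK
EOF
}

# stage_pair STAGE_DIR CONN_NAME HOST_A_IP HOST_B_IP
# Both hosts get the same key; each host's DST is the other host's address.
stage_pair() {
    psk=$(gen_psk)
    [ "${#psk}" -eq 64 ] || { echo "PSK generation failed" >&2; return 1; }
    write_ipsec_host "$1/hostA" "$2" "$4" "$psk" &&
    write_ipsec_host "$1/hostB" "$2" "$3" "$psk"
}

# Demo with constructed documentation addresses (RFC 5737) in a temp directory.
demo_dir=$(mktemp -d) && stage_pair "$demo_dir" ipsec0 192.0.2.10 192.0.2.20 &&
    echo "staged in $demo_dir"
```

A mismatched key on either side shows up as a failed IKE negotiation, so generating the key once and writing it to both hosts' files removes the most common source of that failure.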
About the author:
Ken Milberg is the founder of Unix-Linux Solutions. He is also a board member of Unigroup of NY, the oldest Unix user group in N.Y.C. Ken regularly answers user questions on Unix and Linux interoperability issues as a site expert on SearchOpenSource.com.