VPN operating system interoperability -- Configure VPNs with Linux


Ken Milberg
01.04.2007


There are several ways to implement a VPN on your Linux servers. This is the second tip in our series on VPN operating system interoperability. In the previous tip, Configure VPNs with Unix, we looked at how to configure two Unix servers.

In this part, we'll discuss using VPNs on Linux. Some of these solutions will depend on the Linux distribution that you are using.

IPsec for GNU/Linux -- provided by FreeS/WAN

This popular implementation of IPsec for GNU/Linux is available for Linux kernels 2.2 and later (a version for the 2.6 kernel is provided). It is a free software-based VPN solution that uses a standardized Internet Protocol security (IPsec) implementation.

SSL VPN

You can start with OpenVPN, which is a full-featured SSL VPN solution. Unlike other SSL VPN solutions, OpenVPN requires its own client application to be installed on remote machines, though it is supported on many platforms, including Windows. It is not standardized, which means you have to use the same solution on both client and server. It is very easy to configure: it uses a tun/tap device to build a tunnel between the client and the server automatically.

RHEL IPsec using IKE

Each Linux distribution has its own way of doing things. Red Hat Enterprise Linux supports IPsec for connecting remote hosts and networks to each other using a secure tunnel on a common carrier network such as the Internet. IPsec can be implemented using either a host-to-host (PC-to-PC) or a network-to-network (one LAN/WAN to another LAN/WAN) configuration. Red Hat's IPsec implementation uses Internet Key Exchange (IKE), which is a protocol implemented by the Internet Engineering Task Force (IETF). It is used for mutual authentication and secure associations between connecting systems.

Here's how it works: Essentially, an IPsec connection is split into two logical phases.

Red Hat's implementation of IPsec uses IKE for sharing keys between hosts across the Internet.

Requirements

In order to implement IPsec in Red Hat, the ipsec-tools RPM package must be installed on all IPsec hosts or routers, depending on whether this is a host-based or network-based design. There are two ways to configure IPsec on Red Hat. One is to use the GUI (Network Administration Tool), and the other is to edit networking and IPsec configuration files manually. We detail the GUI steps in this article.

The first step in creating a connection is the information-gathering stage. You'll need the IP addresses, a unique name to establish the connection, a fixed encryption key and a pre-shared authentication key, which is used to initiate and encrypt keys during the session.

The steps are as follows:

At this point, you must follow the same steps for your other host. Don't forget to use the same keys from step 8 on the other hosts; otherwise, IPsec won't work.
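
The same-key requirement above can be checked before the tunnel is brought up. The following is an added example, not part of the original tip or of Red Hat's tooling: it audits each host's key file and produces a keyed fingerprint that two administrators can compare instead of sending the key itself. The `IKE_PSK=` file layout, the file names, the 20-character minimum and the nonce are assumptions, and the sample files are constructed.

```python
import hashlib
import hmac
import os
import stat
import tempfile

MIN_PSK_LEN = 20  # assumed local policy, not a value from the article


def read_psk(path):
    """Return the IKE_PSK value from a KEY=value style key file."""
    with open(path, encoding="utf-8") as fh:
        for raw in fh:
            line = raw.strip()
            if line.startswith("IKE_PSK="):
                return line.split("=", 1)[1].strip("'\"")
    raise ValueError(f"{path}: no IKE_PSK entry")


def audit_key_file(path, nonce):
    """Return (findings, fingerprint) for one host's key file."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & 0o077:
        findings.append(f"mode {mode:04o} exposes the key to group/other; use 0600")
    psk = read_psk(path)
    if len(psk) < MIN_PSK_LEN:
        findings.append(f"PSK is {len(psk)} chars; policy minimum is {MIN_PSK_LEN}")
    # Keyed, truncated digest: admins compare this instead of sending the key.
    # It still allows offline guessing of a weak key, so do not publish it.
    fingerprint = hmac.new(nonce, psk.encode(), hashlib.sha256).hexdigest()[:16]
    return findings, fingerprint


def write_sample(directory, name, psk, mode):
    """Create a constructed sample key file for the demo."""
    path = os.path.join(directory, name)
    with open(path, "w", encoding="utf-8") as fh:
        fh.write(f"IKE_PSK={psk}\n")
    os.chmod(path, mode)
    return path


if __name__ == "__main__":
    nonce = b"agreed-out-of-band-2007"  # constructed one-time value
    with tempfile.TemporaryDirectory() as tmp:
        a = write_sample(tmp, "hostA-keys-ipsec0", "constructed-sample-psk-0001", 0o600)
        b = write_sample(tmp, "hostB-keys-ipsec0", "constructed-sample-psk-0002", 0o644)
        (fa, fpa), (fb, fpb) = audit_key_file(a, nonce), audit_key_file(b, nonce)
        print("host A:", fa or "ok", fpa)
        print("host B:", fb or "ok", fpb)
        print("keys match" if hmac.compare_digest(fpa, fpb) else "KEY MISMATCH: IKE will fail")
```

Run the audit on each host with the same nonce and compare only the printed fingerprints; a mismatch means the pre-shared keys differ.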

About the author:
Ken Milberg is the founder of Unix-Linux Solutions. He is also a board member of Unigroup of NY, the oldest Unix user group in N.Y.C. Ken regularly answers user questions on Unix and Linux interoperability issues as a site expert on SearchOpenSource.com.
