1

As per subject. I have heard of default IPsec support on later versions of Linux kernel (without need to recompile or install special packages) but maybe it's a rumour?

Interested in both VPN connectivity scenarios:
- Server-to-Server (e.g. interconnecting geo-distibuted networks)
- Client-to-Server (Windows, iPhone and Blackberry users connecting to the VPN server to access all/part of corp network)

Alex
  • 1,828
  • 4
  • 31
  • 52

1 Answers1

2

Yes, modern kernels support ipsec natively since 2.5+ which is a long time.

you will need to install userspace tools, but they are available in any modern distro so nothing "special" about them

generic howto is here

http://lartc.org/howto/lartc.ipsec.html

I would recomment to start with illustrated guide to ipsec as you will have to know how ipsec works if you want to set it up.

http://www.unixwiz.net/techtips/iguide-ipsec.html

Aleksandar Ivanisevic
  • 3,377
  • 21
  • 24
  • Can lartc be used to allow client vpn? such as Android powered phone accessing VPN? – Alex Oct 27 '11 at 04:16
  • also, according to howto on lartc.org, it seems the kernel does need to be recompiled with PF_KEY etc. What is the advantage over strongswan, which claims no need to mod/recompile kernel. – Alex Oct 27 '11 at 04:22