Configuration examples: Difference between revisions
Paul Wouters (talk | contribs) mNo edit summary |
Gilson Melo (talk | contribs) m (adding Oracle Cloud configuration with Libreswan) |
||
| (23 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
Below are the most common type of IPsec configurations people use. While written for libreswan, the instructions will work for openswan as well unless specifically noted. | Below are the most common type of IPsec configurations people use. While written for libreswan, the instructions will work for openswan as well unless specifically noted. | ||
= VPN server to VPN server configurations = | |||
[[ host to host VPN ]] | [[ host to host VPN ]] | ||
| Line 6: | Line 8: | ||
[[ subnet to subnet VPN ]] | [[ subnet to subnet VPN ]] | ||
[[ VPN server for remote clients using IKEv1 XAUTH ]] | [[ host to host VPN with PSK ]] | ||
[[ subnet to subnet VPN with PSK ]] | |||
[[ route-based VPN using VTI ]] | |||
[[ EoIP shared ethernet LAN using IPsec ]] | |||
[[ subnet to subnet using NAT ]] | |||
[[ SElinux and Labeled IPsec VPN ]] | |||
= VPN server for VPN client configurations = | |||
[[ VPN server for remote clients using IKEv2 ]] | |||
[[ VPN server for remote clients using IKEv2 split VPN ]] | |||
[[ VPN server for remote clients using IKEv1 XAUTH with Certificates ]] | |||
[[ VPN server for remote clients using IKEv1 XAUTH with PSK ]] | |||
[[ VPN server for remote clients using IKEv1 with L2TP ]] | |||
[[ libreswan as client to a Cisco (ASA or VPN3000) server ]] | |||
[[ IKEv1 XAUTH with Google-Authenticator One Time Passwords (OTP) ]] | |||
[[ | [[ IKEv1 XAUTH with FreeOTP and FreeIPA ]] | ||
[[ subnet extrusion ]] | [[ subnet extrusion ]] | ||
= VPN configurations to connect to cloud providers = | |||
[https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/libreswan.htm Creating a Secure Connection Between Oracle Cloud Infrastructure and Other Cloud Providers with Libreswan] | |||
[https://wiki.openstack.org/wiki/Neutron/VPNaaS/HowToInstall Using libreswan in OpenStack as VPNaaS] | |||
[[ High Availability / Failover VPN in AWS using libreswan ]] | |||
[[ Microsoft Azure configuration ]] | |||
[https://docs.openshift.com/container-platform/3.3/admin_guide/ipsec.html OpenShift Cloud Encryption with libreswan] | |||
= Misc items = | |||
[[ Using Apache to serve PKCS#12 format .p12 files ]] | |||
Revision as of 22:03, 2 August 2018
Below are the most common type of IPsec configurations people use. While written for libreswan, the instructions will work for openswan as well unless specifically noted.
VPN server to VPN server configurations
EoIP shared ethernet LAN using IPsec
VPN server for VPN client configurations
VPN server for remote clients using IKEv2
VPN server for remote clients using IKEv2 split VPN
VPN server for remote clients using IKEv1 XAUTH with Certificates
VPN server for remote clients using IKEv1 XAUTH with PSK
VPN server for remote clients using IKEv1 with L2TP
libreswan as client to a Cisco (ASA or VPN3000) server
IKEv1 XAUTH with Google-Authenticator One Time Passwords (OTP)
IKEv1 XAUTH with FreeOTP and FreeIPA
VPN configurations to connect to cloud providers
Using libreswan in OpenStack as VPNaaS
High Availability / Failover VPN in AWS using libreswan
OpenShift Cloud Encryption with libreswan