Security Basics mailing list archives
Linux 2.6 IPSec Tunnels
From: securitylists () speed seas upenn edu
Date: Thu, 8 Apr 2004 16:27:25 -0400
Hi list,

I'm trying to set up IPSec tunnels between two private (nonrouteable) networks using the 2.6 kernel's native IPSec and ipsec-tools (which are a port of the KAME IPSec utilities). I've successfully gotten transport mode working (using the information at http://www.ipsec-howto.org/x237.html) but I am unsure how to do tunnel mode (and documentation is, as a whole, quite scarce).

Following the directions on that site, I can set up the tunnels between the gateways all right (apparently, but I cannot test it--traffic between the gateways themselves is unencrypted). But I don't know what to do on the gateways to get the proper routing. So if I have the following network setup:

[10.0.1.0/24] <--> [gateway1] <---Internet---> [gateway2] <--> [10.0.2.0/24]

How do I configure gateway1 to route 10.0.2.0/24 through the tunnel, and vice-versa on gateway2? I assume I need to turn on ip_forwarding, but there must be some route configuration I need to perform as well, I assume?

Can anyone direct me on what to do or where to find better documentation on this?

Thanks,
Dan