Developers Documentation

×

Warning

301 error for file:https://clearos.com/dokuwiki2/lib/exe/css.php?t=dokuwiki&tseed=82873f9c9a1f5784b951644363f20ef8

User Tools

Site Tools


Manual Site to Site Tunnels with ClearOS and IPSec

This document is intended to be used as a general layout and design guide for creating manual IPSec VPN tunnels using ClearOS' OpenSwan implementation. The purpose is two-fold: 1) to lay out a framework for an eventual modification to ClearOS' IPSec VPN to support different VPN technology providers who implement the open standards exchange via IPSec, and 2) provide a manual process for implementing secure tunnels via IPSec.

This document is currently under development. Additionally, IPSec tunnels which are NOT dynamic VPN tunnels are currently supported under ClearCare Tier 3 support.

Technology Overview

IPSec is a virtual private network (VPN) technology which can be used for site-to-site network tunnels between trusted networks or can be used to connect a single host using x.509 certificate authentication or L2TP. IPSec is about at fast as PPTP but is more effective than PPTP for the following reasons:

  • IPSec can terminate entire network or clients (PPTP can only do clients)
  • IPSec's encryption is secure whereas PPTP has security holes (especially when the entire session is captured)

IPSec also has advantages and disadvantages when compared to OpenVPN.

Advantages:

  • IPSec support comes natively on all major operating systems (Windows, Mac OSX, Linux,
content/en_us/kb_o_manual_site_to_site_tunnels_with_clearos_and_ipsec.txt · Last modified: 2014/12/22 14:02 (external edit)

https://clearos.com/dokuwiki2/lib/exe/indexer.php?id=content%3Aen_us%3Akb_o_manual_site_to_site_tunnels_with_clearos_and_ipsec&1710836818