An Introduction to FreeS/WAN, Part I
And now the moment of truth! First on George and then on Gracie, we enter the command:
ipsec setup restart
George will read /etc/ipsec.conf, load the george-gracie tunnel definition into its connection setup database and wait for connections. Gracie will do the same thing and then bring up the tunnel. Startup messages will be logged to /var/log/messages or /var/log/secure. If on the client system the output from ipsec setup restart ends with an “IPsec SA established” message, your tunnel is up! Try pinging or otherwise connecting to hosts on the remote network; the connection should behave no differently from before when you brought the tunnel up. In fact, you may want to run tcpdump on your tunnel-bound Ethernet interface to make sure that only ESP (Encapsulating Security Payload) packets (i.e., encrypted tunnel packets and not actual Ping, FTP packets, etc.) are being sent out.
Next month we'll look at another VPN scenario or two and delve deeper into the splendors of FreeS/WAN. Hopefully this was enough to get you started down the path to secure wireless networking!
Mick Bauer (email@example.com) is a network security consultant for Upstream Solutions, Inc., based in Minneapolis, Minnesota. He is the author of the upcoming O'Reilly book Building Secure Servers with Linux, composer of the “Network Engineering Polka” and a proud parent (of children).
- Stepping into Science
- CORSAIR's Carbide Air 740
- A Better Raspberry Pi Streaming Solution
- Qu’est-ce qu’on a fait au Bon Dieu ? Télécharger Le Film Complet Gratuit
- Tyson Foods Honored as SUSE Customer of the Year
- Linux Journal December 2016
- FutureVault Inc.'s FutureVault
- Radio Free Linux
- The Tiny Internet Project, Part II
- Message for You, Sir!