View Single Post
  #2   (View Single Post)  
Old 14th January 2014
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,977
Default

That howto is dated 2009, but I believe it must have been written years before, as it recommends using isakmpd.conf rather than the far more simple and easy to use ipsec.conf(5), which became available in 2005.

To highlight the simplicity of the newer configuration tool, a popular howto for ipsec.conf was titled Zero to IPSec in 4 minutes. That proved so popular, that the OpenBSD Journal published a follow on article they titled 0 to IPSec in 4 minutes (To a Cisco!). I couldn't tell you whether the guidance in the latter howto would be applicable to your environment. What it does highlight is that you will need a basic understanding of how IPSec works, how the two gateways nodes negotiate SAs and Flows, the capabilities of both gateways, and how to ensure that your traffic is properly encrypted between the two.

The ipsec(4) man page is a good starting point on the road to understanding.
Reply With Quote