content:en_us:kb_o_manual_site_to_site_tunnels_with_clearos_and

Manual Site to Site Tunnels with ClearOS and IPSec

This document is intended to be used as a general layout and design guide for creating manual IPSec VPN tunnels using ClearOS' OpenSwan implementation. The purpose is two-fold: 1) to lay out a framework for an eventual modification to ClearOS' IPSec VPN to support different VPN technology providers who implement the open standards exchange via IPSec, and 2) provide a manual process for implementing secure tunnels via IPSec.

This document is currently under development. Additionally, IPSec tunnels which are NOT dynamic VPN tunnels are currently supported under ClearCare Tier 3 support.

Technology Overview

IPSec is a virtual private network (VPN) technology which can be used for site-to-site network tunnels between trusted networks or can be used to connect a single host using x.509 certificate authentication or L2TP. IPSec is about at fast as PPTP but is more effective than PPTP for the following reasons:

IPSec can terminate entire network or clients (PPTP can only do clients)
IPSec's encryption is secure whereas PPTP has security holes (especially when the entire session is captured)

IPSec also has advantages and disadvantages when compared to OpenVPN.

Advantages:

IPSec support comes natively on all major operating systems (Windows, Mac OSX, Linux,

search?q=clearos%2C%20clearos%20content%2C%20guides%2C%20manual%2C%20versionx%2C%20xcategory%2C%20maintainer_dloper%2C%20maintainerreview_x%2C%20keywordfix&btnI=lucky