
Manual Site to Site Tunnels with ClearOS and IPSec

This document is intended to be used as a general layout and design guide for creating manual IPSec VPN tunnels using ClearOS' OpenSwan implementation. The purpose is two-fold: 1) to lay out a framework for an eventual modification to ClearOS' IPSec VPN to support different VPN technology providers who implement the open standards exchange via IPSec, and 2) to provide a manual process for implementing secure tunnels via IPSec.

This document is currently under development. Additionally, IPSec tunnels which are NOT dynamic VPN tunnels are currently supported under ClearCare Tier 3 support.

Technology Overview

IPSec is a virtual private network (VPN) technology which can be used for site-to-site network tunnels between trusted networks or can be used to connect a single host using X.509 certificate authentication or L2TP. IPSec is about as fast as PPTP but is more effective than PPTP for the following reasons:

  • IPSec can terminate entire networks or clients (PPTP can only do clients)
  • IPSec's encryption is secure whereas PPTP has security holes (especially when the entire session is captured)

IPSec also has advantages and disadvantages when compared to OpenVPN.

Advantages:

  • IPSec support comes natively on all major operating systems (Windows, Mac OSX, Linux,


content/en_us/kb_o_manual_site_to_site_tunnels_with_clearos_and_ipsec.txt · Last modified: 2014/12/22 21:02 (external edit)