content:en_us:kb_o_manual_site_to_site_tunnels_with_clearos_and_ipsec

Manual Site to Site Tunnels with ClearOS and IPSec

This document is intended to be used as a general layout and design guide for creating manual IPSec VPN tunnels using ClearOS' OpenSwan implementation. The purpose is two-fold: 1) to lay out a framework for an eventual modification to ClearOS' IPSec VPN to support different VPN technology providers who implement the open standards exchange via IPSec, and 2) provide a manual process for implementing secure tunnels via IPSec.

<note warning>This document is currently under development. Additionally, IPSec tunnels which are NOT dynamic VPN tunnels are currently supported under ClearCare Tier 3 support.</note>

Technology Overview

IPSec is a virtual private network (VPN) technology which can be used for site-to-site network tunnels between trusted networks or can be used to connect a single host using x.509 certificate authentication or L2TP. IPSec is about at fast as PPTP but is more effective than PPTP for the following reasons:

  • IPSec can terminate entire network or clients (PPTP can only do clients)
  • IPSec's encryption is secure whereas PPTP has security holes (especially when the entire session is captured)

IPSec also has advantages and disadvantages when compared to OpenVPN.

Advantages:

  • IPSec support comes natively on all major operating systems (Windows, Mac OSX, Linux,

search?q=clearos%2C%20clearos%20content%2C%20guides%2C%20manual%2C%20versionx%2C%20xcategory%2C%20maintainer_dloper%2C%20maintainerreview_x%2C%20keywordfix&amp;btnI=lucky

content/en_us/kb_o_manual_site_to_site_tunnels_with_clearos_and_ipsec.txt · Last modified: 2014/12/22 21:02 (external edit)

Page Tools