Questions tagged [ipsec]

IPsec (Internet Protocol Security) is a protocol for securing IP communications by authenticating and encrypting each IP packet of a communication session.

IPsec (Internet Protocol Security) is a protocol for securing IP communications by authenticating and encrypting each IP packet of a communication session.

998 questions
81
votes
7 answers

OpenVPN vs. IPsec - Pros and cons, what to use?

Interestingly I have not found any good search results when searching for "OpenVPN vs IPsec". So here's my question: I need to set up a private LAN over an untrusted network. And as far as I know, both approaches seem to be valid. But I do not know…
jens
  • 991
  • 1
  • 9
  • 10
47
votes
16 answers

64-bit Cisco VPN client (IPsec)?

Cisco VPN client (IPsec) does not support 64bit Windows. Worse, Cisco does not even plan to release a 64-bit version, instead they say that "For x64 (64-bit) Windows support, you must utilize Cisco's next-generation Cisco AnyConnect VPN…
mika
  • 1,466
  • 2
  • 12
  • 18
40
votes
2 answers

strongswan vs openswan

What are the differences between OpenSwan and StrongSwan? All I found is this comparison between the outdated FreeSwan and testing version of OpenSwan - i.e. current stable of OpenSwan is 2.6 (3.0 in comparison) and current stable for StrongSwan is…
Maciej Piechotka
  • 667
  • 1
  • 6
  • 14
32
votes
4 answers

Is data always encrypted in IPv6 communications?

I can't seem to get a straight answer to this quesion. Wikipedia says "IPsec is an integral part of the base protocol suite in IPv6," but does that mean that ALL communications are always encrypted, or does it mean that encryption is optional, but…
alan
  • 323
  • 1
  • 3
  • 5
26
votes
1 answer

IPsec for Linux - strongSwan vs Openswan vs Libreswan vs other(?)

Searching for IPSec and Linux one inevitably will be confronted with different solutions (see below) which all seem quite similar. The question is: where is the difference? I found these projects. All of them are open source, all are active (have a…
masgo
  • 423
  • 1
  • 4
  • 11
25
votes
3 answers

Which ports for IPSEC/LT2P?

I have a firewall/router (not doing NAT). I've googled and seen conflicting answers. It seems UDP 500 is the common one. But the others are confusing. 1701, 4500. And some say I need to also allow gre 50, or 47, or 50 & 51. Ok, which ports are…
hookenz
  • 14,132
  • 22
  • 86
  • 142
21
votes
1 answer

How to set up strongswan or openswan for pure IPSEC with iPhone client?

I'm having trouble finding concrete, up-to-date information for how to set up strongswan or openswan to be used by the iphone's VPN client. My server is behind a budget linksys NAT router. I found this, but it mentions a whole bunch of .pem files…
Shabbyrobe
  • 557
  • 1
  • 7
  • 19
20
votes
2 answers

Is it possible for L2TP VPN to do auto route configuration for client during connected?

We've setup a L2TP VPN server with this tutorial, everything works like a charm. The only issue is We don't want client to route all traffic using this VPN, only a particular subnet, e.g. 10.0.0.0/20 On Mac, we need to set the route manually using…
Howard
  • 2,005
  • 11
  • 47
  • 70
19
votes
1 answer

With iptables, match packets arrived via IPSEC tunnel

I'm using IPSEC in a tunnel mode. How to make an iptables rule that will match only packets which arrived via IPSEC tunnel (i.e. after IPSEC decrypted them - not the IPSEC packets when they arrive and before decryption). The point is to have a…
Sandman4
  • 4,045
  • 2
  • 20
  • 27
19
votes
2 answers

Connect to a Fortinet VPN with Ubuntu

I don't know a lot about VPNs but I'd like to connect to a Fortinet VPN with Ubuntu. I can connect on Windows using Forticlient just by entering the policy server (vpn.theserver.com) and then it asks for a user/password. I use IPSec.
Dan
  • 323
  • 1
  • 3
  • 6
14
votes
2 answers

When would you use MPLS?

After having just spent months setting up a fairly complex VPN, I'm beginning to look at alternatives for the future. Some of my network providers use MPLS to connect to us, and I suppose it works fairly well. I know many ATM (automated teller…
Kyle
  • 1,849
  • 2
  • 17
  • 23
14
votes
3 answers

IPSec for LAN traffic: Basic considerations?

This is a follow-up to my Encrypting absolutely everything... question. Important: This is not about the more usual IPSec setup, where you want to encrypt traffic between two LANs. My basic goal is to encrypt all traffic within a small company's…
Chris Lercher
  • 3,982
  • 9
  • 34
  • 41
12
votes
3 answers

ipsec verify on ubuntu Two or more interfaces found, checking IP forwarding [FAILED]

Ubuntu 14.04, Openswan U2.6.38/K3.13.0-30-generic When I run ipsec verify I get this error. Two or more interfaces found, checking IP forwarding [FAILED] I see quite a few of this same question floating around. Has anybody finally found…
user236822
  • 121
  • 1
  • 1
  • 3
12
votes
2 answers

What's the protocol-level difference between IPSec and "Cisco IPSec"?

Most VPN clients distinguish between IPSec and "Cisco IPSec." For example, (Apple's) iOS treats them as essentially separate things. But I can't find any explanation of what the protocol-level differences are. They may be minor, but there definitely…
Dave Peck
  • 223
  • 1
  • 6
11
votes
5 answers

Security of PPTP vs IPSec

Is PPTP or IPSEC VPN more secure than the other for 'dial in' VPN, if so, why?
Kyle Brandt
  • 82,107
  • 71
  • 302
  • 444
1
2 3
66 67