[bdNOG] IPsec Vpn between windows 2008 server and linux server
Brian Candler
brian at nsrc.org
Sun Aug 17 21:15:34 BDT 2014
On 14/08/2014 05:55, atanvir at banglaphone.net.bd wrote:
>
> Dear All,
>
> I want to establish point to point IPsec vpn between windows 2008
> server and linux server.
>
So, you have several options. Some of them depend on whether both
machines have static IPs, or whether one of them is on a dynamic IP
and/or behind NAT.

(1) Probably the simplest solution is to use OpenVPN. Install it on both
ends, write a config file at both ends, and start it up.

With a pre-shared key you can have a very simple configuration:
http://openvpn.net/index.php/open-source/documentation/miscellaneous/78-static-key-mini-howto.html

(2) Another simple software solution you can look at is TINC.

(3) If both ends are on static IPs and not behind NAT then you can use
IPSEC Transport Mode to secure the connection. This requires installing
a persistent policy at the Windows end, and an IPSEC policy at the Linux
end (e.g. using racoon).

This is not for the faint hearted; and Microsoft kept changing the
syntax for the commands to use, so it's different for XP / Windows 2000
/ Windows 2003 etc. But you can google for it, and I can probably dig
out old notes if needed.

(4) Another possible solution is L2TP over IPSEC Transport Mode, which
will give you a virtual dial-up connection. But you will need to choose
one end as "server" (fixed IP, L2TP Network Server) and the other end as
"client" (dynamic IP, L2TP Access Concentrator) and the tools for doing
this are pretty hairy.

Regards,
Brian.
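
Added example, not part of the original message: a minimal pair of OpenVPN static-key configs for option (1), one per end. The peer address 203.0.113.10, the tunnel addresses, the file names and the choice of Linux as the listening end are assumptions made for illustration; static-key mode has no forward secrecy and is deprecated in OpenVPN 2.6, so it suits older installs or a quick point-to-point link rather than a long-lived design.

```conf
# Generate the shared key once and copy it to the other end over a
# secure channel (scp/SFTP, never e-mail):
#   openvpn --genkey --secret static.key     (2.4 and earlier syntax)
#   openvpn --genkey secret static.key       (2.5 and later syntax)
# Keep the key readable only by root / Administrators.

# ---- Linux end: /etc/openvpn/p2p.conf (listening side, assumed) ----
dev tun
proto udp
port 1194
# ifconfig <local tunnel IP> <remote tunnel IP>
ifconfig 10.8.0.1 10.8.0.2
secret static.key
# The static-key default cipher is weak (BF-CBC); set both explicitly
cipher AES-256-CBC
auth SHA256
keepalive 10 60
persist-key
persist-tun
# Drop privileges after start-up
user nobody
group nogroup

# ---- Windows 2008 end: config\p2p.ovpn (connecting side, assumed) ----
# 203.0.113.10 is a placeholder for the Linux server's public address
remote 203.0.113.10 1194
dev tun
proto udp
# Tunnel addresses are mirrored relative to the Linux end
ifconfig 10.8.0.2 10.8.0.1
secret static.key
# Must match the other end exactly or packets fail authentication
cipher AES-256-CBC
auth SHA256
keepalive 10 60
persist-key
persist-tun
```

Allow UDP 1194 only from the peer's address in each host firewall; the link is up when each end can ping the other's 10.8.0.x address.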