Open main menu

OpenVZ Virtuozzo Containers Wiki β

Changes

VPN using IPsec

1,108 bytes added, 00:46, 16 November 2007
How to get vpnc working
An OpenVZ VE can join an IPsec VPN - specifically the type provided by the Cisco VPN client and 'vpnc' package.

== Using the Cisco VPN client ==

The Cisco VPN client can be downloded from Cisco, if you have an account with them. It builds a kernel module.

I have not tested this, so I don't have any instructions to set it up.

[[User:Elronxenu|Elronxenu]] 19:46, 15 November 2007 (EST)

== Using the 'vpnc' package ==

The vpnc package is part of Debian.
It runs entirely in userspace. There's a daemon which communicates with a remote VPN gateway and provides a local TUN device as a network interface for the VE to use.
Here are brief instructions to get it going:

# Use revision ovz028stab047 or later. Earlier revisions are unable to create a raw socket of the necessary protocol.
# Enable the TUN device within your VE. See [[VPN via the TUN/TAP device]].
# Firewall configuration: allow UDP port 500 in and out of your client. This is used for authentication setup.
# Firewall configuration: allow protocol 50 (0x32) in and out of your client. This is used for VPN data.



[[Category:Networking]]
38
edits