Editing VPN using IPsec
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone.
Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 1: | Line 1: | ||
− | An OpenVZ | + | An OpenVZ VE can join an IPsec VPN - specifically the type provided by the Cisco VPN client and 'vpnc' package. |
== Using the Cisco VPN client == | == Using the Cisco VPN client == | ||
Line 12: | Line 12: | ||
The vpnc package is part of Debian. | The vpnc package is part of Debian. | ||
− | It runs entirely in userspace. There's a daemon which communicates with a remote VPN gateway and provides a local TUN device as a network interface for the | + | It runs entirely in userspace. There's a daemon which communicates with a remote VPN gateway and provides a local TUN device as a network interface for the VE to use. |
Here are brief instructions to get it going: | Here are brief instructions to get it going: | ||
# When using kernel 2.6.18, use revision ovz028stab047 or later. Earlier revisions are unable to create a raw socket of the necessary protocol. | # When using kernel 2.6.18, use revision ovz028stab047 or later. Earlier revisions are unable to create a raw socket of the necessary protocol. | ||
− | # Enable the TUN device within your | + | # Enable the TUN device within your VE. See [[VPN via the TUN/TAP device]]. |
# Firewall configuration: allow UDP port 500 in and out of your client. This is used for authentication setup. | # Firewall configuration: allow UDP port 500 in and out of your client. This is used for authentication setup. | ||
# Firewall configuration: allow protocol 50 (0x32) in and out of your client. This is used for VPN data. | # Firewall configuration: allow protocol 50 (0x32) in and out of your client. This is used for VPN data. |