This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!
FireBrick to Openswan Strongswan IPsec (Howto)
yum install openswan
(strongswan is much nicer, but not in yum on centos5. On centos6, use strongswan)
In /etc/ipsec.conf uncomment
Put following two files in /etc/ipsec.d/ :
myFireBrick.conf: conn myFireBrick authby=secret auto=start ikev2=insist left=CentOS.IP.Address leftid=CentOS.IP.Address leftsubnet=CentOS.IP.Address/32 right=FireBrick.IP.Address rightid=FireBrick.IP.Address rightsubnet=FireBrick.LAN.SUBNET/24
CentOS.IP.Address FireBrick.IP.Address : PSK "yourpasswordhere"
chkconfig ipsec on service ipsec start
Put the following in the FB at the other end:
<connection name="IPSec" peer-ips=CentOS.IP.Address" auth-method="Secret" secret="yoursecrethere" internal-ipv4="FireBrick.LAN.IP.Address" routes="CentOS.IP.Address" log="default"/>