Re: Hibernate and OpenVPN

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 2010-03-22 at 21:43 +0000, Timothy Murphy wrote:
> Greg Woods wrote:
> 
> > Related to the original topic, I use an ipsec-tools style VPN, and it
> > recovers automatically on wakeup.
> 
> I'm not sure what this means.
> What did you do, exactly?

To fully answer this question would be a major research project, since
it has been an ongoing project for several years and I have never really
documented everything I did. But basically it involves installing the
ipsec-tools package, creating a racoon.conf file on each end, generating
a cert for the server and client (and installing them on each side), and
generating an appropriate config file for "setkey" to route traffic
through the tunnel. Cert authentication can happen with no intervention,
the tunnel is set up inside the kernel automatically. The racoon daemon
is only for doing the session key negotiation (IKE).

Complicating this has been dealing with one of the clients being behind
a NAT box, the NAT box itself having a dynamic IP address, etc. But it
works reliably and it comes up automatically on resume.

You can start with the ipsec-tools home page at:

http://ipsec-tools.sourceforge.net/

--Greg



-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux