Welcome to Halil Demirezen's Tips Page


VPN: IPsec on CentOS 7.7 2020-01-28 11:36:59

This tutorial is intended to give an example implementation of an IPsec tunnel and its
configuration on the Linux side of the connection.

After a base installation of CentOS, the additional packages below should be installed:

yum install ipsec-tools
yum install libreswan

After enabling the ipsec service with systemctl enable ipsec and starting it with
systemctl start ipsec, we move on to the tunnel configuration step.

We create a new config file under the /etc/ipsec.d directory, for example conn1.conf:

conn conn1




conn1 is the name of the connection.
left is the public IP address of this host.
leftnexthop is our gateway address.
leftsubnet is the set of subnets that you tell the other side to route through the tunnel.
More specifically, you are telling the other side to direct packets for these subnets to you.

right is the public IP address of the other party.
rightsubnets is the set of subnets behind the other party, so any attempt to reach those
networks from this side will be directed into the tunnel. The rest are tunnel parameters,
which should be the same in the other side's configuration.
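
An illustrative conn1.conf built from the parameters described above. This is an added
example, not the author's original file: all addresses are constructed from documentation
and private ranges, and the tunnel parameters (authby, ike, esp, pfs, auto) and the secrets
file name are assumptions that have to be agreed with the other side.

```conf
# /etc/ipsec.d/conn1.conf  (added example, constructed values)
#
# Assumed pre-shared key setup, kept in a separate root-only file such as
# /etc/ipsec.d/conn1.secrets (chmod 600), one line in the form:
#   203.0.113.10 198.51.100.20 : PSK "<pre-shared key>"
conn conn1
    # This host: public IP address, default gateway, and the subnet
    # the other side should route into the tunnel towards us.
    left=203.0.113.10
    leftnexthop=203.0.113.1
    leftsubnet=10.10.0.0/24
    # Other party: public IP address and the subnets behind it.
    # Traffic from our side to these networks goes into the tunnel.
    right=198.51.100.20
    rightsubnets={192.168.50.0/24 192.168.60.0/24}
    # Tunnel parameters (assumed). These must be identical on both sides.
    type=tunnel
    authby=secret
    ike=aes256-sha2_256;modp2048
    esp=aes256-sha2_256
    pfs=yes
    # Bring the tunnel up when the ipsec service starts.
    auto=start
```

After saving the file, restart the service with systemctl restart ipsec and check the
tunnel state with ipsec status.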