Florin Andrei
2015-Apr-14 18:07 UTC
[CentOS] state of IPSec VPN on CentOS 7: Openswan, strongSwan, RPM packages
I looked in the yum repositories for CentOS 7 and I noticed that there are no packages for any of the major open source IPSec VPN apps - Openswan, strongSwan, etc. I'm pretty sure CentOS 6 had Openswan packages. What is the current consensus w.r.t. building an IPSec VPN "server" (concentrator, whatever) on CentOS 7, that will do site-to-site connections with Cisco hardware at the other end? Is any of the *swan apps still considered the best option for that? Any guidelines w.r.t. IPSec VPN in general on this platform? Thanks. -- Florin Andrei http://florin.myip.org/
Eero Volotinen
2015-Apr-14 18:11 UTC
[CentOS] state of IPSec VPN on CentOS 7: Openswan, strongSwan, RPM packages
2015-04-14 21:07 GMT+03:00 Florin Andrei <florin at andrei.myip.org>:> I looked in the yum repositories for CentOS 7 and I noticed that there are > no packages for any of the major open source IPSec VPN apps - Openswan, > strongSwan, etc. I'm pretty sure CentOS 6 had Openswan packages. > > What is the current consensus w.r.t. building an IPSec VPN "server" > (concentrator, whatever) on CentOS 7, that will do site-to-site connections > with Cisco hardware at the other end? Is any of the *swan apps still > considered the best option for that? >I think epel-7 repo provides strongwan ipsec package that is required to connect to cisco asa. -- Eero
Gordon Messmer
2015-Apr-14 18:25 UTC
[CentOS] state of IPSec VPN on CentOS 7: Openswan, strongSwan, RPM packages
On 04/14/2015 11:07 AM, Florin Andrei wrote:> I looked in the yum repositories for CentOS 7 and I noticed that there > are no packages for any of the major open source IPSec VPN apps - > Openswan, strongSwan, etc. I'm pretty sure CentOS 6 had Openswan packages.libreswan replaced openswan, and is available in the CentOS 7 repo.
Florin Andrei
2015-Apr-14 18:40 UTC
[CentOS] state of IPSec VPN on CentOS 7: Openswan, strongSwan, RPM packages
On 2015-04-14 11:25, Gordon Messmer wrote:> On 04/14/2015 11:07 AM, Florin Andrei wrote: >> I looked in the yum repositories for CentOS 7 and I noticed that there >> are no packages for any of the major open source IPSec VPN apps - >> Openswan, strongSwan, etc. I'm pretty sure CentOS 6 had Openswan >> packages. > > libreswan replaced openswan, and is available in the CentOS 7 repo.I just noticed that strongSwan is in EPEL. I'm also looking at this comment on ServerFault: http://serverfault.com/a/655752/24406 If that is accurate, the documentation, and the clustering / load balancing might tilt the balance in the direction of strongSwan. -- Florin Andrei http://florin.myip.org/
Reasonably Related Threads
- state of IPSec VPN on CentOS 7: Openswan, strongSwan, RPM packages
- state of IPSec VPN on CentOS 7: Openswan, strongSwan, RPM packages
- state of IPSec VPN on CentOS 7: Openswan, strongSwan, RPM packages
- state of IPSec VPN on CentOS 7: Openswan, strongSwan, RPM packages
- Centos6 ipsec troubles