userdoc:tt_ipsec_vpn_strongswan

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
userdoc:tt_ipsec_vpn_strongswan [2021/02/13 08:32]
abelbeck [IPsec VPN (strongSwan) Configuration]
userdoc:tt_ipsec_vpn_strongswan [2021/03/02 08:11] (current)
abelbeck [IPsec VPN (strongSwan) Configuration]
Line 3: Line 3:
 AstLinux now supports the [[https://www.strongswan.org/|strongSwan]] package, an OpenSource IPsec-based VPN solution. AstLinux now supports the [[https://www.strongswan.org/|strongSwan]] package, an OpenSource IPsec-based VPN solution.
  
-The web interface Network tab, "IPsec Peers" and "IPsec Mobile" VPN Types are still supported using [[https://sourceforge.net/projects/ipsec-tools/|ipsec-tools (racoon)]], the "IPsec strongSwan" method is a more feature rich alternative to the other IPsec methods.+!!Note:!!  The ipsec-tools (racoon) support in AstLinux has been **removed** in !!AstLinux  1.4.2!!. The [[https://sourceforge.net/projects/ipsec-tools/|ipsec-tools (racoon)]] project is now abandoned and its source has been lagging behind in adapting to new threats.
  
-!!Note:!!  The ipsec-tools (racoon) support in AstLinux is **deprecated**, and will be **removed** in !!AstLinux  1.4.2!!. The ipsec-tools project is now abandoned and its source has been lagging behind in adapting to new threats.+The web interface Network tab, "IPsec Peers" and "IPsec Mobile" VPN Types that used ipsec-tools (racoon) has been **removed** in !!AstLinux  1.4.2!!., the "IPsec strongSwan" method is a more feature rich alternative to the other IPsec methods.
  
 Three key strongSwan features not found in ipsec-tools (racoon): Three key strongSwan features not found in ipsec-tools (racoon):
Line 15: Line 15:
 How does this apply within AstLinux ... How does this apply within AstLinux ...
  
-  * A point-and-click web interface like the deprecated IPsec Peers / IPsec Mobile would limit strongSwan features.+  * A point-and-click web interface like the removed IPsec Peers / IPsec Mobile would limit strongSwan features.
   * strongSwan is needed to support endpoints with changing IP's and dynamic DNS names using IKEv2 MOBIKE, racoon only supports IKEv1.   * strongSwan is needed to support endpoints with changing IP's and dynamic DNS names using IKEv2 MOBIKE, racoon only supports IKEv1.
   * strongSwan is needed to interoperate with [[https://en.avm.de/products/fritzbox/|AVM FRITZ!Box]]((Quality home routers/PBX, used by many ISPs. Good support from the vendor.)) routers, very common in Germany and other parts of Europe.   * strongSwan is needed to interoperate with [[https://en.avm.de/products/fritzbox/|AVM FRITZ!Box]]((Quality home routers/PBX, used by many ISPs. Good support from the vendor.)) routers, very common in Germany and other parts of Europe.
  • userdoc/tt_ipsec_vpn_strongswan.1613226756.txt.gz
  • Last modified: 2021/02/13 08:32
  • by abelbeck