Creating a Linux<-WinXP VPN with OpenSwan
 

Hi everybody, I need your help.
I have a small LAN with a Linux Fedora 3 box, which is used as a gateway into the internet. What I want to do is that I create a OpenSwan VPN server on the Linux machine and create a tunnel with my friend over the net. I've downloaded and rpm'd the needed package, but now what? Help documents say that i should start IPsec service, so i run "/sbin/service ipsec start", that works. But then the documentation refers to using ipsec command with various parameters, but the console says "ipsec: command not found". Also, when I start the Ipsec service, I cannot connect to the net form my LAN computers.
Can anyone tell me what am I doing wrong?

First you need to edit the ipsec.conf and ipsec.secrets file for your tunnel. Your ipsec.conf file should look something like this:
The ipsec.secrets file should look something like:
The ipsec.secrets file also documents the setup for an rsa public key exchange, which is more secure, but many of the appliance routers with vpn capability only support PSK

The next problem with configuring IPSEC will be putting the right holes in your firewall. I found the Shorewall firewall made the configuration easier.

A bit dfferent problem now
 

Thank you for your reply. I have a bit different problem now. I have been looking into Openswan, and I found this step-by-step Openswan VPN guide here, which is absolutley prefect, exept one thing. Openswan won't accept the text I am supposed to enter into ipsec.conf . Can you help me format that text so that it will work?
thank you

Yes, though I'm by no means an expert. Other useful debugging commands are:
ipsec verify
and
ipsec barf

Thank you. I will appreciate any help with getting the ipsec.conf work.