First you need to edit the ipsec.conf and ipsec.secrets file for your tunnel. Your ipsec.conf file should look something like this:
Code:
conn yourfriend
authby=secret
left=yourself.dyndns.biz
leftsubnet=192.168.9.0/24
right=yourfriend.dyndns.biz
rightsubnet=192.168.0.0/24
pfs=yes
The ipsec.secrets file should look something like:
Code:
yourself.dyndns.biz yourfriend.dyndns.biz: PSK "your shared password secret xxxx"
The ipsec.secrets file also documents the setup for an rsa public key exchange, which is more secure, but many of the appliance routers with vpn capability only support PSK
The next problem with configuring IPSEC will be putting the right holes in your firewall. I found the
Shorewall firewall made the configuration easier.