Upgrade OpenSwan



I currently am running openswan on debian 5 and would like to create a new instance with debian 6 and the latest version of openswan.

It is not an overly simple setup. We have a few site-to-site ipsec vpn's and one setup for roadwarriors all using certificates.

I would like the authentication to move from the current (old) samba domain controller to our new Active Directory dc. Also I would like to enable the possibility of using mac clients for the roadwarriors - I believe our current setup requires a machine certificate change for this to happen.

As it is all certificate based - I would like the least amount of disruption as possible.

There is also a ipip tunnel setup directly to the iptables firewall which would need to be recreated.


Skills: Active Directory, Linux, System Admin

See more: vpn site to site, vpn ipsec, Samba, openswan, linux firewall, iptables, ipsec, dc current, certificate setup, linux tunnel create, site site tunnel, firewall debian, ipsec tunnel, directly mac, linux site site ipsec, linux ipsec, vpn domain, ipsec vpn tunnel, active directory 2012, machine domain controller, linux upgrade, setup mac, openswan ipsec iptables, site site vpn openswan, linux iptables active directory

Project ID: #2652112