The best thing about Linux is that you can make it do just about anything. For many of you, Linux is possibly already your router, firewall, NAT server, and more. With a little work, you can easily extend your Linux setup to build a cost-effective WAN replacement in the form of IPSec VPN tunnels. In the article, the first of a two-part series, I’ll walk you through the installation process that will prepare you towards deploying your own Linux-based IPSec VPN servers. In the second part of the series we’ll take a look at configuring those servers so that you have the ability to allow encrypted communications to take place between 2 or more locations using the Internet as your virtual WAN.
When considering a VPN solution, it’s usually important to insist on two things. The first is that it supports at least end-toend tunnels and roaming users, the second being that it should be standards-based (that means IPSec support) to make interoperability with other systems possible when required. This article covers how to install and configure FreeS/WAN to create secure, IPSec-based VPN tunnels between locations. If your needs are relatively simple, you’ll have a secure Linux-based VP solution securing your traffic between locations in no time. If you want to get fancy, extending the design outlined here isn’t much more difficult at all.
The main purpose of deploying an IPSec-based VPN tunnel solution is as a replacement or backup for your current (and probably expensive) WAN links. Companies spend thousand of dollars on WAN infrastructure that can potentially be avoided with the proper implementation of a VPN over a standard (but hopefully high-speed) Internet link. The idea is to use Linux and an unsecured network (such as the Internet) as a vehicle for secure communications between two or more locations. This will provide easy and seamless connections to remote network servers and resources for our local network users.