Strongswan now supports PAM authentication

November 07, 2012 at 07:40 AM | categories: Centos, Sysadmin, RHEL, Linux, Tips, Security, IPSEC | View Comments
Strongswan release 5.0.1 includes a XAuth PAM plugin which requests username/password XAuth credentials and verifies them against Pluggable Authentication Modules (PAM). This plugin is not enabled by default to enable it you need to add the following to your ./configure...

Strongswan now supports Cisco unity extensions

November 07, 2012 at 07:40 AM | categories: Centos, Sysadmin, RHEL, Linux, Tips, Security, IPSEC | View Comments
I previously wrote about setting up split tunneling on Strongswan using the attr-sql plugin With the release of Strongswan 5.0.1 it is no longer the only way to support split tunneling. Strongswan 5.0.1 introduces the unity plugin which allows for...

IOS 6 Breaks Certificate based IPSEC VPNs

September 29, 2012 at 11:30 AM | categories: Mac OS X, Tips, IPSEC | View Comments
I have found that the recent release of IOS 6 breaks Certificate based IPSEC VPN functionality. IPSEC VPNs using preshared keys still do work however. A number of other users report the having the same issue, if IPSEC VPN functionality...

Mac OSX IPSEC VPN via command line using builtin Racoon client

September 19, 2012 at 07:30 AM | categories: Mac OS X, Howto, Sysadmin, Linux, Tips, Security, IPSEC | View Comments
The Mac OSX IPSEC VPN client setup via "System preferences" only supports IPSEC/XAUTH and IPSEC/L2TP both of which give you a different IP address for your tunnel interface. System preferences on the backend uses Racoon so it is possible...

IPSEC split tunneling VPN with Mac OSX and Strongswan 5 on Centos/RHEL 6

September 01, 2012 at 10:08 AM | categories: Centos, Mac OS X, Howto, Sysadmin, RHEL, Linux, Tips, Security, IPSEC | View Comments
In my previous post i described how to setup an IPSEC VPN for use with Iphone, Ipad and Mac OSX IPSEC VPN clients. This post describes how to enable split tunneling which is supported by the Mac OSX IPSEC...

Iphone/Ipad/Mac OSX IPSEC VPN with Strongswan 5 on Centos/RHEL 6

August 23, 2012 at 10:21 AM | categories: Centos, Mac OS X, Howto, Sysadmin, RHEL, Linux, Tips, Security, IPSEC | View Comments
This howto describes setting up an IPSEC VPN for use with the Iphone, Ipad and Mac OSX VPN clients on Centos/RHEL 6. I am using the 5.x branch of Strongswan which is now the mainline actively maintained branch. At...