Hi! I am not a completely unexperienced user of Debian, but sometimes certain subsystems and choices still puzzle me. Right now this is IPSec.
There used to be several implementations, but am I right that the only sensible one right now is Strongswan? https://wiki.debian.org/IPsec goes on about the "experimental" Linux 2.5 series and "now that Sarge is released", i.e. is woefully out of date, so much that I would call it confusing. Is there some more recent documentation on setting up an ipsec tunnel on Debian in 2019 (and not in 2009 ;) or should I just go by the StrongSwan docs, e.g. https://www.strongswan.org/testing/testresults/swanctl/net2net-psk/ ? Strongswan seems to have two configuration systems, the "deprecated" stroke plugin with ipsec.conf and the "preferred" vici plugin with "swanctl.conf". Should I use the "deprecated" stuff with Debian nevertheless? Or am I completely wrong and should I use some other implementation? TIA /ralph -- ----------------------------------------------------------------------------- https://aisg.at ausserirdische sind gesund
