I have not done ipsec tunnels in linux since my one and only attempt at freeswan proved to be a whole 24 hours of frustration however I have run it very easily in steps taking about 15 minutes with FreeBSD. I assumed that by now freeswan should be useable and easy to setup since about 3 years have passed since my abortive attempt at setting it up.
That's true. I'd long run first time due to a NATing firewall between endpoints. But this is all history. There is an special version of freeswan the is full-blown and fully patched. Try this one [1]. Keep in mind that with kernel 2.6 the ipsec implementation has changed and is not longer freeswan based [2]. [1]http://www.freeswan.ca/code/super-freeswan/ [2]http://www.ipsec-howto.org/x237.html the bob -- http://www.hs-pongratz.de