Possible Solution for Setting up a Linux VPN Server to Encrypt WLAN Traffic of Macs and iPhones on

Posted by GorillaPatch on Server Fault
Published on 2011-07-12T20:28:01Z


I would like to set up a VPN server on Debian Linux to encrypt wireless traffic coming from my Mac or iOS device. I would like to use a certificate-based solution. Setting up a PKI infrastructure and managing certificates is OK for me.

1. Which server to pick?

By looking through the internet and here on Stack Overflow, I found the following possible solutions:

  • strongSwan
  • IPSec and racoon

Which solution is feasible for a Linode running Debian squeeze?

2. How to configure the network?

If I understood correctly, a VPN has a virtual network interface as an endpoint on the server side. Naively, I would think that I need a DHCP server running on the server to assign a dynamic private IP (like of the class C network 192.168.xxx.xxx) to the connecting clients. Next, I think I would need to set up masquerading to NAT the incoming VPN traffic to the real interface directly connected to the internet.

Is this the right way to go? Do you have any configuration examples? I often saw VPN configurations used to connect to your home network, but that is not what I am looking for. I have a server up in the internet and want to use it as a proxy to encrypt traffic in insecure network environments like public WLANs.
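
The forwarding and masquerading step described in the question, as an added example that is not part of the original post: it prints (and with APPLY=1, as root, applies) the rules that NAT a VPN client pool out of the server's uplink while dropping all other forwarded traffic. The pool 192.168.77.0/24, the interface name eth0 and all function names are assumptions; the rules do not depend on which VPN server is chosen.

```shell
#!/bin/sh
# Added example: forwarding + NAT rules for a VPN client pool.
# Assumed values (not from the post): pool 192.168.77.0/24, uplink eth0.

# Shape check only (dotted quad plus /0-32); rejects every other character,
# newlines included, so nothing unexpected reaches the generated commands.
valid_cidr() {
    case $1 in ''|*[!0-9./]*) return 1 ;; esac
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'
}

# Interface name: 1-15 characters, starts alphanumeric, then alnum . _ -
valid_iface() {
    case $1 in ''|[!A-Za-z0-9]*|*[!A-Za-z0-9._-]*) return 1 ;; esac
    [ "${#1}" -le 15 ]
}

# Print the commands for client pool $1 leaving through interface $2.
vpn_nat_rules() {
    pool=$1; wan=$2
    valid_cidr "$pool" || { echo "bad pool: $pool" >&2; return 1; }
    valid_iface "$wan" || { echo "bad interface: $wan" >&2; return 1; }
    # Default-deny forwarding: only the pool may go out, only replies come back.
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -P FORWARD DROP
iptables -A FORWARD -s $pool -o $wan -j ACCEPT
iptables -A FORWARD -d $pool -i $wan -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -s $pool -o $wan -j MASQUERADE
EOF
}

# Dry run by default; APPLY=1 (as root) executes the printed commands.
main() {
    rules=$(vpn_nat_rules "${1:-192.168.77.0/24}" "${2:-eth0}") || return 1
    if [ "${APPLY:-0}" = 1 ]; then
        printf '%s\n' "$rules" | sh -e
    else
        printf '%s\n' "$rules"
    fi
}

main "$@"
```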
