Possible Solution for Setting up a Linux VPN Server to Encrypt WLAN Traffic of Macs and iPhones on
Posted
by
GorillaPatch
on Server Fault
See other posts from Server Fault
or by GorillaPatch
Published on 2011-07-12T20:28:01Z
Indexed on
2012/12/15
11:08 UTC
Read the original article
Hit count: 245
I would like to set up a VPN server on debian linux to encrypt wireless traffic coming from my Mac or iOS device. I would like to use a certificate-based solution. Setting up a PKI infrastructure and managing certificates is OK for me.
1. Which server to pick?
By looking through the internet and here on stackoverflow I found the following possible solutions:
- strongSwan
- IPSec and racoon
Which solution is feasible for a linode running debian squeeze?
2. How to configure the network?
If I understood correctly a VPN has a virtual network interface as an endpoint on the server side. Naively I would think that I need a DHCP server running on the server to assign a dynamic private IP (like of the class C network 192.168.xxx.xxx) to the connecting clients. Next I think I would need to set up masquerading to NAT the incoming VPN traffic to the real interface directly connected to the internet.
Is this the right way to go? Do you have any configuration examples? I often saw VPN configurations used to connect to your home network, but that is not what I am looking for. I have a server up in the internet and want to use it as a proxy to encrypt traffic in insecure network environments like public WLANs.
© Server Fault or respective owner