Every Internet-connected network has two sides, the inside and the outside. Hosts on the inside can be reached directly, without the help of another host. The inside network is often called the LAN, which stands for Local Area Network. Sometimes people distinguish the LAN from a remote network according to who administers the hosts. An organization can have several local networks that fall into the larger corporate network. If you look at the corporate network as a whole versus the Internet, then you can call that corporate network the LAN too.

We will be focusing on the technical aspects of networks. When we say local network, we mean this from the technical point of view. Two machines are in the same local network if they can communicate with each other without the help of a third host, even if they are five buildings and six kilometers apart, or belong to a different company department and system administrator.

The entire local network of all machines that can talk to each other without a third host is also called a subnet. The term subnet originates from the old days when we still spoke about classes. If you had a class B network, you could subnet it into class C networks and give separate buildings or departments their own subnet. These days we still speak of subnets, but more in the sense that every network on the Internet is a subnet of that Internet.
Openswan: Building and Integrating Virtual Private Networks
Overview of this book
With the widespread use of wireless and the integration of VPN capabilities in most modern laptops, PDAs and mobile phones, there is a growing desire for encrypting more and more communications to prevent eavesdropping. Can you trust the coffee shop's wireless network? Is your neighbor watching your wireless? Or are your competitors perhaps engaged in industrial espionage? Do you need to send information back to your office while on the road or on board a ship? Or do you just want to securely access your MP3s at home? IPsec is the industry standard for encrypted communication, and Openswan is the de facto implementation of IPsec for Linux.

Whether you are just connecting your home DSL connection with your laptop when you're on the road to access your files at home, or you are building an industry-size, military-strength VPN infrastructure for a medium to very large organization, this book will assist you in setting up Openswan to suit those needs.

The topics discussed range from designing, to building, to configuring Openswan as the VPN gateway to deploy IPsec. The book covers not only Linux clients, but also the more commonly used operating systems such as Microsoft Windows and Mac OS X. Furthermore, it discusses common interoperability examples for third-party vendors, such as Cisco, Checkpoint, Netscreen and other common IPsec vendors.

The authors bring you first-hand information, as they are the official developers of the Openswan code. They have included the latest developments and upcoming issues. With experience in answering questions on a daily basis on the mailing lists since the creation of Openswan, the authors are by far the most experienced in a wide range of successful and not so successful uses of Openswan by people worldwide.
Table of Contents (22 chapters)
Building and Integrating Virtual Private Networks with Openswan
Credits
About the Authors
Acknowledgements
About the Reviewers
Preface
Introduction
Practical Overview of the IPsec Protocol
Building and Installing Openswan
Configuring IPsec
X.509 Certificates
Opportunistic Encryption
Dealing with Firewalls
Interoperating with Microsoft Windows and Apple Mac OS X
Interoperating with Other Vendors
Encrypting the Local Network
Enterprise Implementation
Debugging and Troubleshooting
Unresolved and Upcoming Issues
Networking 101
Openswan Resources on the Internet
IPsec-Related Requests For Comments (RFCs)