Debugging IPsec VPN Tunnels

Reply to comment


Communication is often the first problem. IPSec has a lot of options. Depending on the vendor, some may not even be configurable. People usually just know the few options they can set in their management UI, but know nothing about all the hardcoded values, which are important if you want to set up a VPN between devices of different brands.

The main difference is usually how the devices deal with multiple subnets at either end of the tunnel. Say you have 192.168.1.0/24 and 192.168.2.0/24 on one end and 192.168.100.0/24 at the other end. Some vendors can simply create 1 VPN and route all the traffic through. Others will set up two VPNs, one between 192.168.1.0/24 and 192.168.100.0/24 and one between 192.168.2.0/24 and 192.168.100.0/24.
Few devices are flexible enough to allow both methods.

I have a template which I always use to communicate/negotiate the VPN configuration settings with the remote side. If they know their stuff, it usually takes only a few minutes to configure the VPN.
But don't try setting up VPNs with home-user devices such as D-Link unless you have too much spare time. Decent firewalls cost only a couple hundred euros, no matter what brand you choose. That is a lot less than you would spend paying someone by the hour to debug the problem.
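
The multiple-subnet difference described in the comment above, as an added example that is not part of the original comment: a small check that compares the traffic selectors each side has configured before anyone starts debugging the tunnel. The function names, the site B variants and the 192.168.0.0/22 summary are assumptions constructed for illustration.

```python
import ipaddress
from itertools import product

def selector_pairs(local_nets, remote_nets):
    """One (local, remote) selector per subnet pair, as a per-pair device builds them."""
    return {(ipaddress.ip_network(l), ipaddress.ip_network(r))
            for l, r in product(local_nets, remote_nets)}

def compare(side_a, side_b):
    """Classify each selector of side A against what side B has configured.

    Both arguments are sets of (local, remote) pairs from each side's own
    point of view. Returns {selector: "exact" | "covered" | "missing"}.
    """
    mirrored = {(r, l) for l, r in side_b}  # B's selectors as seen from A
    result = {}
    for local, remote in side_a:
        if (local, remote) in mirrored:
            result[(local, remote)] = "exact"
        elif any(local.subnet_of(ml) and remote.subnet_of(mr)
                 for ml, mr in mirrored):
            # B uses one wider selector; whether this negotiates depends on
            # the implementations involved, so flag it for discussion.
            result[(local, remote)] = "covered"
        else:
            result[(local, remote)] = "missing"
    return result

# Subnets from the comment; site A builds one selector per subnet pair.
SITE_A = selector_pairs(["192.168.1.0/24", "192.168.2.0/24"], ["192.168.100.0/24"])

# Constructed variants of what the remote side might have configured.
SITE_B_VARIANTS = {
    "per-pair, complete": selector_pairs(
        ["192.168.100.0/24"], ["192.168.1.0/24", "192.168.2.0/24"]),
    "per-pair, one pair forgotten": selector_pairs(
        ["192.168.100.0/24"], ["192.168.1.0/24"]),
    # 192.168.0.0/22 is a constructed summary covering both /24s.
    "single tunnel, wide selector": selector_pairs(
        ["192.168.100.0/24"], ["192.168.0.0/22"]),
}

if __name__ == "__main__":
    for name, site_b in SITE_B_VARIANTS.items():
        print(name)
        for (local, remote), status in sorted(compare(SITE_A, site_b).items()):
            print(f"  {local} <-> {remote}: {status}")
```

A "missing" or "covered" result is the kind of selector disagreement worth settling with the remote side before the tunnel is configured.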
