(SAD) entries as well as Security Policy Database (SPD) entries in the kernel using the setkey command provided by the Linux kernel.
1. Transport Mode
ipsec-tools.conf_44
ipsec-tools.conf_64
c. Update the IPSec database using /etc/init.d/setkey start
d. Ping the system using ping 192.168.15.64 and verify the packets on the other system using tcpdump esp. The packet capture should display the ESP packets.
Note: The above configuration needs to be done on both systems. To use the above configuration on the other system, flip the in and out directives in the attached configuration file ipsec-tools.conf.
Please refer to the link below for more information:
https://help.ubuntu.com/community/IPSecHowTo
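For reference, a transport-mode ipsec-tools.conf for 192.168.15.44 could look like the following. This is an added example, not the attached configuration file: the SPIs, algorithms (rijndael-cbc, hmac-sha1) and keys are assumptions, and the key values are constructed placeholders that must be replaced with your own.

```conf
#!/usr/sbin/setkey -f
# Added example: transport-mode configuration for host 192.168.15.44.
# SPIs, algorithms and keys below are constructed placeholders.

# Start from an empty SAD and SPD
flush;
spdflush;

# SAD: one ESP SA per direction. These lines are identical on both hosts.
add 192.168.15.44 192.168.15.64 esp 0x201
        -E rijndael-cbc 0x00112233445566778899aabbccddeeff
        -A hmac-sha1    0x00112233445566778899aabbccddeeff00112233;
add 192.168.15.64 192.168.15.44 esp 0x301
        -E rijndael-cbc 0xffeeddccbbaa99887766554433221100
        -A hmac-sha1    0x33221100ffeeddccbbaa99887766554433221100;

# SPD on 192.168.15.44: traffic to the peer is "out", traffic from it is "in"
spdadd 192.168.15.44 192.168.15.64 any -P out ipsec
        esp/transport//require;
spdadd 192.168.15.64 192.168.15.44 any -P in ipsec
        esp/transport//require;

# On 192.168.15.64 keep the add lines unchanged and flip the directions:
#   spdadd 192.168.15.44 192.168.15.64 any -P in  ipsec esp/transport//require;
#   spdadd 192.168.15.64 192.168.15.44 any -P out ipsec esp/transport//require;
```

After loading the file, setkey -D dumps the SAD and setkey -DP dumps the SPD, which confirms that both SAs and both policies are installed before testing with ping.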
2. Tunnel Mode
Establishing IPSec between 192.168.15.44 and 192.168.15.64 in tunnel mode.
ipsec-tools.conf_Tunnel_44
ipsec-tools.conf_Tunnel_64
c. Define the forward policy using spdadd.
d. Update the IPSec database using /etc/init.d/setkey start
e. Add the virtual IP on both systems.
   a. E.g.: ifconfig eth0:VirtualIP 172.16.1.10 up
f. Ping the system using ping 192.168.15.64 and verify the packets on the other system using tcpdump esp. The packet capture should display the ESP packets.
Note: The above configuration needs to be done on both systems. To use the above configuration on the other system, flip the in and out directives in the attached configuration file ipsec-tools.conf.
Please refer to the link below for more information:
https://help.ubuntu.com/community/IPSecHowTo