My Oracle Support Banner

Oracle Linux: How to Configure IPsec to Secure Host-to-Host Communications Using Libreswan. (Doc ID 2293892.1)

Last updated on AUGUST 15, 2021

Applies to:

Oracle Cloud Infrastructure - Version N/A and later
Linux OS - Version Oracle Linux 6.0 and later
Linux x86-64

Goal

This document describes how to configure IPsec (Internet Protocol Security) on Oracle Linux to secure host-to-host communications by using libreswan, which is a variant of openswan.

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
 Overview
 Prepare Environment
 Install libreswan
 Configure Basic IKE/IPsec Parameters
 conn
 type
 auto
 phase2
 pfs
 ikelifetime
 salifetime
 left/leftid/right/rightid
 authby
 authby=secret
 authby=rsasig
 Configure IPsec for Host-to-Host Connectivity using PSK
 Configure IPsec for Host-to-Host Connectivity using RSA Signatures
 Generate ISAKMP and IPsec SAs
 Verify Host-to-Host Connectivity
 Closing Remarks

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.