All posts tagged cryptography

Easy(ish) IPSec VPN with Shared ECDSA Certificates for Host to Host Connections


Let me start off by saying that using certificates for your IPSec VPNs adds another layer of complexity onto your connections. However, what I’ve tried to do is make this how-to guide as easy to follow as I possibly can.

Using certificates removes the requirement for pre-shared keys, which is why certificate-based connections are considered more secure. If we have lots of tunnels, it also means we don’t have to worry about having a separate key for each connection, which provides a great deal of scalability.


Configuring Suite B, VPN-A and VPN-B in IPSec with Strongswan


Many vendors already implement the various IPSec standards within their products for ease of use. This is my configuration for matching these standards with strongSwan.

It’s always nice to use a standard; they come from RFCs, so they have some level of scrutiny and make things interoperable. These suites, in my experience, tend to be the ones which are implemented most widely. As a security professional I’m happy that someone has investigated the best solutions to use.


How to Create a Site to Host VPN on Ubuntu for AWS, Azure and Linode with pfsense


This tutorial will guide you through setting up a VPN from your pfSense firewall router to your Ubuntu server hosted in the cloud. Many of these vendors have the capability to set up a site-to-site VPN through their control panels, but this tutorial doesn’t require anything except an external IP address on your Linux box.

IPSec VPN Host to Host on Windows 2012 R2 and Ubuntu 14.04


Following one of my recent tutorials about a host-to-host Linux VPN, this post is a how-to on creating a host-to-host VPN between Windows 2012 and Ubuntu 14.04. We’ll be using the inbuilt Windows Firewall with Advanced Security and strongSwan.

A lot like with my last tutorial, I couldn’t find any decent information out there on how to get an IPSec connection between Microsoft and Linux, but since IPSec is an open standard I was confident it should work. After spending a lot of time working through how to do this, I decided to write this post to hopefully help other people out in the same situation.


IPSec VPN Host to Host on Ubuntu 14.04 with strongSwan


After spending a crazy amount of time trying to find something up to date regarding network security and host-to-host VPNs, I decided to write something which will hopefully be useful to other people in the same situation.

Setting up a host-to-host IPSec connection between two or more hosts running Ubuntu isn’t always a simple process. We want encryption to protect all the communication between two hosts, and for this tutorial we will be using what I feel to be the simplest method: Pre-shared Keys (PSK).
