48.7.5. IPsec Installation
ipsec-toolsRPM package be installed on all IPsec hosts (if using a host-to-host configuration) or routers (if using a network-to-network configuration). The RPM package contains essential libraries, daemons, and configuration files for setting up the IPsec connection, including:
/sbin/setkey— manipulates the key management and security attributes of IPsec in the kernel. This executable is controlled by the
racoonkey management daemon. Refer to the
setkey(8) man page for more information.
/usr/sbin/racoon— the IKE key management daemon, used to manage and control security associations and key sharing between IPsec-connected systems.
racoondaemon configuration file used to configure various aspects of the IPsec connection, including authentication methods and encryption algorithms used in the connection. Refer to the
racoon.conf(5) man page for a complete listing of available directives.
- To connect two network-connected hosts via IPsec, refer to Section 48.7.6, “IPsec Host-to-Host Configuration”.
- To connect one LAN/WAN to another via IPsec, refer to Section 48.7.7, “IPsec Network-to-Network Configuration”.