ipsec - yar145/mytestrepo1 GitHub Wiki
Libreswan as an IPsec VPN implementation
Chapter 4. Configuring a VPN with IPsec
Install the libreswan packages:
yum install libreswan
If you are re-installing Libreswan, remove its old database files and create a new database:
systemctl stop ipsec
rm /etc/ipsec.d/*db
ipsec initnss
Start the ipsec service, and enable the service to be started automatically on boot:
systemctl enable ipsec --now
Configure the firewall to allow 500 and 4500/UDP ports for the IKE, ESP, and AH protocols by adding the ipsec service: