by windexh8er 3408 days ago
Seeing all the complaints in here of how hard this is to set up brings back memories. I was the lead consultant on a project between a very large US retailer and Centrify to build a product called DirectSecure. It's generally very easy to deploy IPsec policy in a Windows environment via GPO and the customer wanted that to flow down into their nix environments. Centrify, having good hooks into AD already, was chosen to build a product that did just the same thing in their nix environments by consuming IPsec configuration out of GPO.

While not a sales pitch, and in fact I don't think the product seems to have sold well anyway, it was very interesting to work with them on the test harness we built to validate correct IPsec operations, configuration, validation that data wasn't leaking outside of the SAs that were being provisioned, and performance via the translated policy. The relatable component was that this was mainly done against StrongSwan implementations of the IKE daemon if I remember correctly (Linux, AIX and Solaris mainly). I wonder if any of those bits flowed back upstream or if the bolt-on aspect kept that from happening.

StrongSwan isn't complex if you are well versed in IPsec implementation as a whole. It's no more or less complicated than other implementations and is "better" than TLS in its own right with regard to things that could go wrong. In static environments it's relatively painless once the learning curve is overcome.

That being said I feel like IPsec has a badge it will never get rid of and people discard it before attempting implementation at this point. Hopefully, as mentioned amongst the comments, things like WireGuard will mature and become more mainstream. I very much like the concept carry over that both IPsec and WireGuard can be silent actors within the network not giving away hosts as things like OpenVPN and SSH do. IPsec can, unfortunately, also be implemented to squawk at spurious connection attempts - but at least doesn't rely on the premise as much as things like OpenVPN and SSH do.

And for the record - you can tell someone who's dealt with IPsec extensively since they won't refer to it as IPSec. o_O Microsoft is notorious for getting it wrong.

5 comments

For an easier way, try Algo. Algo is a set of Ansible scripts that helps you deploy a fully functional StrongSwan IPSEC server with the most secure settings available:

https://github.com/trailofbits/algo

It even generates Apple profiles to auto configure your iPhone!

I have a simple bash script that does something similar, including the Apple profile, and also gets you a Let's Encrypt server cert that auto-renews.

https://github.com/jawj/IKEv2-setup

Bash is not idempotent, using a public CA has downsides, and MSCHAP has known weaknesses that make the crypto easier to brute-force.

Right. On the other hand, a Bash script has a low barrier to entry, it's handy not to have to install certificates on the client, and the highest possible security is not always top priority (if, for example, you're just trying to evade your government's illiberal bulk domain/IP address collection policies). Swings and roundabouts, I'd say.

Another great option is the Streisand privacy stack. Streisand sets up a new hosted server running L2TP/IPsec, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, a Tor bridge, and WireGuard. Once the Ansible scripts complete (10-20 mins), it shows you an HTML page with client config instructions.

https://github.com/jlund/streisand

StrongSwan is indeed complex to set up. I tried on my server, and ended up using this docker image[1].

Was pretty painless.

1. https://github.com/hwdsl2/docker-ipsec-vpn-server

I started the docker image by gaomd[1] on my $5 Digital Ocean server. It generates .mobileconfig files for mac/iOS. Setting it up and connecting was super easy.

1. https://github.com/gaomd/docker-ikev2-vpn-server

I have a slightly different opinion of IPsec vs TLS and this is probably mostly formed because it is being 'abused' where we use it. So we have a bunch of point-to-point connections to other companies, and all of these companies except for one that uses HTTP as its protocol have chosen to use IPsec to protect the connections. I believe it would be much better operationally and in terms of security if these connections were protected by TLS instead.

Have a look at how 'rekeying' is done. Look at the numerous bugs in the StrongSwan issue tracker related to this. The whole protocol is a shit show and it is really surprising that anything actually works between different vendors.

Do you have a write up anywhere of best practices?