IPSec Interoperability between OpenBSD, Linux and Sonicwall

IPSec (IP Security protocol) has become an important tool for network engineers to provide enhanced security in company communications over the Internet. In the enterprise environment, hardware based Virtual Private Network (VPN) devices are available to handle hundreds of IPSec tunnels simultaneously. The OpenBSD project, the Linux FreeS/WAN project and Sonicwall Inc. have each produced cost effective IPSec implementations with excellent reliability. Collectively, they are helping to improve security for the small and medium sized organizations. However, it is not uncommon for interoperability to become an issue. The complexity of the IPSec protocol, the diversity between each solution's features and vast differences in device configuration can become a roadblock to setting up site to site VPN tunnels in a timely manner. Additionally, differing firewall configuration interfaces add to the challenge and therefore the viability of these otherwise useful technologies. This paper will briefly introduce these implementations and discuss some of the issues surrounding their interoperability. Additionally, a focused tutorial for quickly deploying these solutions is presented.