IPsec VPN

IPsec is a very powerful protocol. Properly used, it can provide a high degree of integrity and confidentiality of data transiting a network. Since these are two traits wireless networks generally do not have, IPsec is a natural supplement for wireless networks.

Unfortunately, like any protocol this powerful, IPsec can be difficult to set up. There are many different parts of the IPsec protocol and many configurable options. However, if your network requires the high levels of security IPsec offers, then fighting through the setup is worth the effort. A word of advice: if possible, try to start with a homogeneous IPsec environment. For your first IPsec connection, attempt to connect two machines running the same operating system. While there is only one IPsec protocol, there are many different ways to configure and use it. It is much easier to configure a FreeBSD-to-FreeBSD IPsec tunnel than a FreeBSD-to-Linux tunnel.

This section is designed to be a crash course in setting up a VPN on your wireless network. For a more thorough presentation of setting up an IPsec VPN, visit Tina Bird’s VPN web site at http://vpn.shmoo.com/.

IPsec in a Nutshell

IPsec can operate in two different modes. Transport mode is used to send protected traffic between two nodes. A gateway between two endpoints cannot perform transport mode encryption. In transport mode, a new header is placed on the original IP packet to allow for the cryptographic functions to be applied to the packet. An ...
