This article gives brief instructions for configuring a Cisco AP taken from an 887W router. This example shows two SSIDs on the same radio interface, which are bridged to VLANs on the host router. Enable integrated routing and bridging
IPSEC tunnels using OpenSWAN
1) Install openswan: yum -y install openswan
2) Clean up install defaults: rm -r /etc/ipsec.d/*.db; rm -f /etc/ipsec.secrets; certutil -N -d /etc/ipsec.d/ (Leave passwords blank)
3) Generate RSA keys. This must be done on each host (sometimes takes 4-6 minutes)
Openswan behind NAT
I found that although there must be many cases where one endpoint of the tunnel is behind a NAT router there wasn’t much detail about the configuration required to get the connection working. I found it very difficult to establish
NHRP with Spoke to Spoke Connectivity
NHRP can be used to provide an overlay VPN which dynamically initiates tunnels between nodes. Previously it was only possible to manually create tunnels which meant that it wasn’t scalable and the topology was restricted to a hub-spoke solution (realistically
Creating Self-Signed Certificates
This can be useful for adding SSL to development websites. It doesn’t replace a proper certificate from an established certificate authority but it can save the cost of purchasing while the site isn’t live.