Changes

From SME Server
Jump to navigationJump to search

Libreswan (view source)

Revision as of 16:20, 22 June 2016

149 bytes added ,  16:20, 22 June 2016
→‎Settings
Line 78: Line 78:  
config setprop ipsec status enabled access public
 
config setprop ipsec status enabled access public
   −
Note for ipsec_connections we use 'set' when we create new connection. Thereafter you can modify it with setprop
+
Note for ipsec_connections we use 'set' when we create new connection. Thereafter you can modify it with setprop.
   −
Local - WAN IP 5.6.7.8 Local IP 192.168.20.1 Subnet 192.168.20.0/24
+
Note most people refer to East and West rather than Local and Remote. There is a very good reason for this if you start using RSA keys !
 +
 
 +
Server East - WAN IP 5.6.7.8 Local IP 192.168.20.1 Subnet 192.168.20.0/24
 
  db ipsec_connections set MyEast ipsec status enabled leftsourceip 192.168.20.1 leftsubnet 192.168.20.0/24 right 1.2.3.4 rightsubnet 10.0.0.0/24 passwd MyPassWd
 
  db ipsec_connections set MyEast ipsec status enabled leftsourceip 192.168.20.1 leftsubnet 192.168.20.0/24 right 1.2.3.4 rightsubnet 10.0.0.0/24 passwd MyPassWd
   −
Remote - WAN IP 1.2.3.4 Local IP 10.0.0.1 Subnet 10.0.0.0/24
+
Server West- WAN IP 1.2.3.4 Local IP 10.0.0.1 Subnet 10.0.0.0/24
 
  db ipsec_connections set MyWest ipsec status enabled leftsourceip 10.0.0.1 leftsubnet 10.0.0.0/24 right 5.6.7.8 rightsubnet 192.168.20.0/24 passwd MyPassWd
 
  db ipsec_connections set MyWest ipsec status enabled leftsourceip 10.0.0.1 leftsubnet 10.0.0.0/24 right 5.6.7.8 rightsubnet 192.168.20.0/24 passwd MyPassWd
  
Retrieved from "https://wiki.koozali.org/Special:MobileDiff/31538"

Navigation menu