Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
|
configuration:ipsec [2020/06/30 06:26] dodenhoeft [SideB] |
configuration:ipsec [2020/06/30 06:50] dodenhoeft [Network setup] |
||
|---|---|---|---|
| Line 54: | Line 54: | ||
| ===== Network setup ===== | ===== Network setup ===== | ||
| - | For this configuration we will use the most common mode, __**the tunnel mode**__. | + | For this configuration we will use the most common mode, __**the tunnel mode**__. For this example we are using PSK as authentification method. |
| {{:configuration:ipsec1.png|}} | {{:configuration:ipsec1.png|}} | ||
| Line 91: | Line 91: | ||
| |Authentication algorithm|SHA256|Authentication algorithm|SHA256| | |Authentication algorithm|SHA256|Authentication algorithm|SHA256| | ||
| |SA life time|28800 sec|SA life time|28800 sec| | |SA life time|28800 sec|SA life time|28800 sec| | ||
| - | |Perfect forward secrecy (PFS)| - |Perfect forward secrecy (PFS)| - | | + | |Perfect forward secrecy (PFS)|disable|Perfect forward secrecy (PFS)|disable| |
| |Force encapsulation|enable|Force encapsulation|enable| | |Force encapsulation|enable|Force encapsulation|enable| | ||
| ^Networks^Parameter^Networks^Parameter^ | ^Networks^Parameter^Networks^Parameter^ | ||
| Line 98: | Line 98: | ||
| |Remote network|192.168.2.0|Remote network|192.168.1.0| | |Remote network|192.168.2.0|Remote network|192.168.1.0| | ||
| |Remote netmask|24|Remote netmask|24| | |Remote netmask|24|Remote netmask|24| | ||
| + | |||
| + | All necessary firewall rules for the IPsec functionality will be set automatically, with the enable of the IPsec service. | ||