cocovast.blogg.se

Set vpn ipsec site-to-site peer 1.1.1.1 authentication mode pre-shared-secret Set vpn ipsec site-to-site peer 1.1.1.1 local-address 2.2.2.2 Set vpn ipsec ipsec-interfaces interface eth1 Set vpn ipsec site-to-site peer 2.2.2.2 tunnel 1 remote prefix 10.1.1.0/24 Set vpn ipsec site-to-site peer 2.2.2.2 tunnel 1 esp-group vpntunnel Set vpn ipsec site-to-site peer 2.2.2.2 tunnel 1 Set vpn ipsec site-to-site peer 2.2.2.2 ike-group vpntunnel Set vpn ipsec site-to-site peer 2.2.2.2 default-esp-group vpntunnel Set vpn ipsec site-to-site peer 2.2.2.2 authentication pre-shared-secret SuperSecretKey123 Set vpn ipsec site-to-site peer 2.2.2.2 authentication mode pre-shared-secret Set vpn ipsec site-to-site peer 2.2.2.2 local-address 1.1.1.1 Set vpn ipsec ipsec-interfaces interface eth0 Set vpn ipsec ike-group vpntunnel proposal 1 hash sha1 Set vpn ipsec ike-group vpntunnel proposal 1 encryption aes128 Set vpn ipsec ike-group vpntunnel proposal 1 Set vpn ipsec esp-group vpntunnel proposal 1 hash sha1 Set vpn ipsec esp-group vpntunnel proposal 1 encryption aes128 Set vpn ipsec esp-group vpntunnel proposal 1 Set vpn ipsec esp-group vpntunnel compression disable SSH into the routers, and apply these commands: I’m going to start by configuring the tunnels in the routers. The screenshots of the configurations on that page must be dated though, because some of the commands aren’t correct. I found this guide on Ubiquiti’s website, which shows some CLI commands to run.

This might work using hostnames with dynamic IPs, but I haven’t tested it. In the real world, you would ideally have static external IPs. R2 has an external IP of 2.2.2.2 on eth1, and an internal subnet on 10.1.1.0/24. Both routers have been configured with the basic WAN+2LAN wizards, which adds a basic stateful firewall and NAT masquerade on the WAN interface. R1 has an external IP of 1.1.1.1 on eth0, and an internal subnet of 192.168.1.0/24. Both routers have external IPs on their WAN interfaces, and are not behind any other NAT. One is an EdgeRouter Lite, the other is an EdgeRotuer X, both on firmware 1.9.1 (the most current firmware as of when this was written). In my test setup, I’ve got two Ubiquiti EdgeRouters. I decided to write a post describing my setup process from start to finish. I did some searching, and the documentation was lacking or incomplete. I recently needed to configure an IPSec VPN tunnel between two Ubiquiti EdgeRouters.