VPN: Difference between revisions

Jump to navigation Jump to search

VPN (view source)

Revision as of 03:38, 17 February 2024

1,053 bytes added ,  1 year ago
Added strongSwan to strongSwan config info
(Added Persistent SSH Tunnels)
(Added strongSwan to strongSwan config info)
Line 7: Line 7:
== IPSEC ==
== IPSEC ==
Information on how to setup IPSEC tunnels.
Information on how to setup IPSEC tunnels.
=== stongSwan to strongSwan ===
Use the following config for a strongSwan<ref>strongSwan Official Site [https://www.strongswan.org/]</ref> to strongSwan configuration.  Make sure the left and right IP addresses are updated to match each system.  You can use the same ipsec.secrets file on both systems without changing the IP address order, although I recommend changing it to having the local IP on the left and the remote on the right as shown below.
====ipsec.conf====
/sec/ipsec/conf:
  conn <name>
            authby=secret
            auto=route        # can also be start
            keyexchange=ike
            left=<your local IP>
            right=<remote IP of Mikrotik system>
            leftikeport=500
            rightikeport=500
            type=transport
            esp=aes128gcm16!
            dpddelay=5
            dpdtimeout=20
            dpdaction=clear  # can also be restart
====ipsec.secrets====
/etc/ipsec.secrets:
    <your local IP> <remote IP of Mikrotik system> :  PSK "<Put your preshared key here>"


=== strongSwan to MikroTik ===
=== strongSwan to MikroTik ===
Retrieved from "https://wiki.kg7qin.org/index.php/Special:MobileDiff/136"

Navigation menu