
This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

FireBrick to FireBrick IPsec (Howto): Difference between revisions

Here we will use an IPsec tunnel between two FireBricks. We will use IKEv2 and use a (strong) preshared-secret password.
 
Note that the password shown in the config entries below is an example only. A strong passphrase should be used in a real config.
 
==Manuals==
Do read the official FireBrick manuals for more information - this is just a simple howto, just covering the basics.
 
==Network Overview:==
</ipsec-ike>
 
If you firewall WAN to 'Self' (the FireBrick), then a firewall filter may be needed too, e.g.:
 
<rule name="IPsec from London FB" protocol="50" action="accept" source-ip="198.51.100.1"/>
 
==FireBrick Reading Config==
 
<ipsec-ike comment="toLondon">
<connection name="toLondon" local-ip="198.51.100.1" peer-ips="203.0.113.1" graph="LondonIPsec" routes="192.168.0.0/24" local-ID="1" peer-ID="1" auth-method="Secret" secret="mySecretPassword" mode="Immediate" blackhole="true"/>
</ipsec-ike>
 
If you firewall WAN to 'Self' (the FireBrick), then a firewall filter may be needed too, e.g.:
 
<rule name="IPsec from Reading FB" protocol="50" action="accept" source-ip="203.0.113.1"/>
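
The following is an added example, not part of the original howto and not FireBrick tooling: a Python check that the two ends' connection entries mirror each other and that the example secret has not been left in place. The London entry is constructed here as a mirror of the Reading entry above (its names and routes value are assumptions), and the 24-character minimum and the treatment of peer-ips as addresses or CIDR ranges are also assumptions.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Reading side: copied from the howto above.
READING = '''<ipsec-ike comment="toLondon">
<connection name="toLondon" local-ip="198.51.100.1" peer-ips="203.0.113.1" graph="LondonIPsec" routes="192.168.0.0/24" local-ID="1" peer-ID="1" auth-method="Secret" secret="mySecretPassword" mode="Immediate" blackhole="true"/>
</ipsec-ike>'''

# London side: CONSTRUCTED for this example as a mirror of Reading
# (the names and the routes value are assumptions).
LONDON = '''<ipsec-ike comment="toReading">
<connection name="toReading" local-ip="203.0.113.1" peer-ips="198.51.100.1" graph="ReadingIPsec" routes="192.168.1.0/24" local-ID="1" peer-ID="1" auth-method="Secret" secret="mySecretPassword" mode="Immediate" blackhole="true"/>
</ipsec-ike>'''

MIN_SECRET_LEN = 24                     # assumed local policy, not a FireBrick limit
EXAMPLE_SECRETS = {"mySecretPassword"}  # the howto's placeholder value


def connection(xml_text):
    """Return the attributes of the first <connection> in an <ipsec-ike> block."""
    return ET.fromstring(xml_text).find("connection").attrib


def peer_allows(conn, ip):
    """True if ip is covered by any peer-ips entry (address or CIDR assumed)."""
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(p, strict=False)
               for p in conn["peer-ips"].split())


def check_pair(a, b):
    """Compare the two ends of one tunnel; return a list of problems found."""
    problems = []
    for x, y in ((a, b), (b, a)):
        if not peer_allows(x, y["local-ip"]):
            problems.append(f'{x["name"]}: peer-ips excludes {y["local-ip"]}')
        if x["local-ID"] != y["peer-ID"]:
            problems.append(f'{x["name"]}: local-ID != far end peer-ID')
    for key in ("auth-method", "secret"):
        if a[key] != b[key]:
            problems.append(f"{key} differs between the two ends")
    if a["secret"] in EXAMPLE_SECRETS or len(a["secret"]) < MIN_SECRET_LEN:
        problems.append("secret is the example value or too short")
    return problems


if __name__ == "__main__":
    for p in check_pair(connection(READING), connection(LONDON)):
        print("PROBLEM:", p)
```

Run against the entries as written, it reports only the placeholder secret; a mistyped peer address or a secret that differs between the ends is reported by name.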