This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!
The basic server config lives in <tt>ipsec-ike</tt>, which contains a <tt>connection</tt> entry and a <tt>roaming</tt> entry, e.g.
<syntaxhighlight lang=xml>
<ipsec-ike>
 <connection name="server" roaming-pool="roam-pool" auth-method="Certificate" peer-auth-method="EAP" mode="Wait" local-ID="FQDN:server.example.com"/>
 <!-- the roaming entry for the "roam-pool" pool goes here -->
</ipsec-ike>
</syntaxhighlight>
Each roaming user then needs an <tt>eap</tt> user record.
<syntaxhighlight lang=xml>
<eap name="fred" full-name="Fred Bloggs" password="[password]" subsystem="IPsec" methods="MSChapV2"/>
</syntaxhighlight>
You will also want to review the firewall on the FireBrick and allow traffic where required. For example, to allow the IPsec users to reach the Internet via your PPPoE connections, use something like:
<syntaxhighlight lang=xml>
<rule-set name="FromIPSec" source-interface="ipsec" no-match-action="continue">
 <rule name="AllowInternet" target-interface="pppoe" action="accept"/>
</rule-set>
</syntaxhighlight>