Difference between revisions of "FireBrick to FireBrick IPsec (Howto)"

Here we will use an IPsec tunnel between two FireBricks. We will use IKEv2 and a (strong) pre-shared secret password.
 
Note that the password shown in the config entries below is an example only. A strong passphrase should be used in a real config.
 
==Manuals==
Do read the official FireBrick manuals for more information. This is just a simple howto covering the basics.
 
==Network Overview:==
</ipsec-ike>
 
If you firewall WAN to 'Self' (the FireBrick), then a firewall filter may be needed too, e.g.:
 
<rule name="IPsec from London FB" protocol="50" action="accept" source-ip="198.51.100.1"/>
 
==FireBrick Reading Config==
 
<ipsec-ike comment="toLondon">
<connection name="toLondon" local-ip="198.51.100.1" peer-ips="203.0.113.1" graph="LondonIPsec" routes="192.168.0.0/24" local-ID="1" peer-ID="1" auth-method="Secret" secret="mySecretPassword" mode="Immediate" blackhole="true"/>
</ipsec-ike>
 
If you firewall WAN to 'Self' (the FireBrick), then a firewall filter may be needed too, e.g.:
 
<rule name="IPsec from Reading FB" protocol="50" action="accept" source-ip="203.0.113.1"/>
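
As an added example (not part of the original howto and not FireBrick tooling), this Python script audits a config fragment like the Reading one above: it flags a pre-shared secret whose most generous entropy estimate is below a threshold, flags ESP accept rules whose source is not a configured peer, and generates a random replacement secret. The `<config>` wrapper, the 128-bit threshold, exact-match comparison of addresses and all function names are assumptions.

```python
import math
import secrets
import xml.etree.ElementTree as ET

# Constructed sample: the Reading connection and firewall rule from this page,
# wrapped in an assumed <config> root so the fragment parses as one document.
READING = """<config>
<ipsec-ike comment="toLondon">
<connection name="toLondon" local-ip="198.51.100.1" peer-ips="203.0.113.1" graph="LondonIPsec" routes="192.168.0.0/24" local-ID="1" peer-ID="1" auth-method="Secret" secret="mySecretPassword" mode="Immediate" blackhole="true"/>
</ipsec-ike>
<rule name="IPsec from Reading FB" protocol="50" action="accept" source-ip="203.0.113.1"/>
</config>"""

MIN_BITS = 128  # assumed policy threshold for a pre-shared secret


def estimated_bits(secret):
    """Upper bound on entropy: length * log2(size of the character classes used).
    Real phrases carry far less, so failing this bound is a definite finding."""
    classes = [(str.islower, 26), (str.isupper, 26), (str.isdigit, 10),
               (lambda c: not c.isalnum(), 32)]
    pool = sum(n for test, n in classes if any(test(c) for c in secret))
    return len(secret) * math.log2(pool) if pool else 0.0


def audit(config_xml):
    """Return findings for weak secrets and for ESP rules that match no peer."""
    root = ET.fromstring(config_xml)
    findings, peers = [], set()
    for conn in root.iter("connection"):
        peers.update(conn.get("peer-ips", "").split())  # exact addresses only
        if conn.get("auth-method") == "Secret":
            bits = estimated_bits(conn.get("secret", ""))
            if bits < MIN_BITS:
                findings.append(f"{conn.get('name')}: secret ~{bits:.0f} bits, below {MIN_BITS}")
    for rule in root.iter("rule"):
        if rule.get("protocol") == "50" and rule.get("action") == "accept":
            if rule.get("source-ip") not in peers:
                findings.append(f"rule '{rule.get('name')}': ESP accepted from non-peer {rule.get('source-ip')}")
    return findings


def new_secret():
    """256 random bits as 43 URL-safe characters, safe inside an XML attribute."""
    return secrets.token_urlsafe(32)


if __name__ == "__main__":
    print("\n".join(audit(READING)) or "no findings")
    print("replacement secret:", new_secret())
```

The same generated secret has to be set on both FireBricks, since each end authenticates the other with it.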
