Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

FireBrick to FireBrick IPsec (Howto): Difference between revisions

← Older editNewer edit →
Content deleted Content added
AA-Andrew (talk | contribs)
autoreview, Bureaucrats, editor, Interface administrators, reviewer, Administrators
12,619 edits
mNo edit summary
AA-Andrew (talk | contribs)
autoreview, Bureaucrats, editor, Interface administrators, reviewer, Administrators
12,619 edits
Line 53: Line 53:
<rule name="IPsec from Reading FB" protocol="50" action="accept" source-ip="203.0.113.1"/>
<rule name="IPsec from Reading FB" protocol="50" action="accept" source-ip="203.0.113.1"/>


You will also want to add firewall rules to allow traffic between the two LANs, eg, this will allow all traffic to and from London:
You will also want to add firewall rules to allow traffic between the two LANs, eg, this will allow all traffic to and from London and will not NAT the traffic:


<rule-set name="IPsec" source-interface="LAN ipsec" target-interface="LAN ipsec" no-match-action="continue" comment="Allow all traffic ">
<rule-set name="IPsec" source-interface="LAN ipsec" target-interface="LAN ipsec" no-match-action="continue" comment="Allow all traffic ">
<rule name="Allow" set-graph="IPSecTraffic" action="accept"/>
<rule name="Allow" set-graph="IPSecTraffic" action="accept" set-nat="false" />
</rule-set>
</rule-set>


Retrieved from "http://support.aa.net.uk/FireBrick_to_FireBrick_IPsec_(Howto)"