This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

FireBrick to FireBrick IPsec (Howto): Difference between revisions

Content deleted Content added
Reedy (talk | contribs)
Prettyful colours
Reedy (talk | contribs)
m clean up, typos fixed: eg: → e.g.: (4)
 
Line 1: Line 1:
<indicator name="Tunnels">[[File:Menu-IPsec.svg|link=:Category:FireBrick_IPsec|30px|Back up to the FireBrick IPsec Tunnels Category Page]]</indicator>
<indicator name="Tunnels">[[File:Menu-IPsec.svg|link=:Category:FireBrick IPsec|30px|Back up to the FireBrick IPsec Tunnels Category Page]]</indicator>
Here we will use an IPsec tunnel between two FireBricks. We will use IKEv2 and use a preshared-secret password.
Here we will use an IPsec tunnel between two FireBricks. We will use IKEv2 and use a preshared-secret password.


Line 7: Line 7:
Do read the official FireBrick manuals for more information - this is just a simple howto covering the basics.
Do read the official FireBrick manuals for more information - this is just a simple howto covering the basics.


==Network Overview:==
==Network Overview==


{| class="wikitable"
{| class="wikitable"
Line 33: Line 33:
</syntaxhighlight>
</syntaxhighlight>


If you firewall WAN to 'Self' (The FireBrick), then a firewall filter may be needed too, eg:
If you firewall WAN to 'Self' (The FireBrick), then a firewall filter may be needed too, e.g.:


<syntaxhighlight lang=xml>
<syntaxhighlight lang=xml>
Line 39: Line 39:
</syntaxhighlight>
</syntaxhighlight>


You will also want to add firewall rules to allow traffic between the two LANs, eg, this will allow all traffic to and from Reading and will not NAT the traffic:
You will also want to add firewall rules to allow traffic between the two LANs, e.g., this will allow all traffic to and from Reading and will not NAT the traffic:


<syntaxhighlight lang=xml>
<syntaxhighlight lang=xml>
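Review bot: In the changed sentence at Line 39, swapping "eg" for "e.g." leaves a comma splice ("...between the two LANs, e.g., this will allow all traffic..."). Suggest splitting it into two sentences, for instance "...between the two LANs. For example, this will allow all traffic to and from Reading and will not NAT the traffic:". The matching sentence for London at Line 63 has the same wording.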
Line 57: Line 57:
</syntaxhighlight>
</syntaxhighlight>


If you firewall WAN to 'Self' (The Firebrick), then a firewall filter may be needed too, eg:
If you firewall WAN to 'Self' (The Firebrick), then a firewall filter may be needed too, e.g.:


<syntaxhighlight lang=xml>
<syntaxhighlight lang=xml>
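Review bot: The changed line at Line 57 still reads "(The Firebrick)" while the otherwise identical sentence at Line 33 has "(The FireBrick)". Since this edit is a typo cleanup, fix the product-name casing here as well so both halves of the howto match.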
Line 63: Line 63:
</syntaxhighlight>
</syntaxhighlight>


You will also want to add firewall rules to allow traffic between the two LANs, eg, this will allow all traffic to and from London and will not NAT the traffic:
You will also want to add firewall rules to allow traffic between the two LANs, e.g., this will allow all traffic to and from London and will not NAT the traffic:


<syntaxhighlight lang=xml>
<syntaxhighlight lang=xml>
Line 73: Line 73:
This rule actually allows all traffic from all IPSec connections - so do edit to suit your environment.
This rule actually allows all traffic from all IPSec connections - so do edit to suit your environment.


[[Category:FireBrick_IPsec|FireBrick]]
[[Category:FireBrick IPsec|FireBrick]]
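Review bot: The unchanged context line at Line 73 spells the protocol "IPSec", while the page title and the category link changed in this same hunk use "IPsec"; a typo pass should normalise it. That line is also the only place the reader learns that the rule admits traffic from all IPsec connections, whereas the lead-in at Line 63 describes it as allowing traffic to and from London, so consider stating the wider scope in the lead-in sentence itself rather than after the example.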