Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

FireBrick IPsec (Road Warrior Howto): Difference between revisions

← Older editNewer edit →
Content deleted Content added
AA-Andrew (talk | contribs)
autoreview, Bureaucrats, editor, Interface administrators, reviewer, Administrators
12,659 edits
AA-Andrew (talk | contribs)
autoreview, Bureaucrats, editor, Interface administrators, reviewer, Administrators
12,659 edits
Line 76: Line 76:
The basic server config is in <tt>ipsec-ike</tt> containing a <tt>connection</tt> and <tt>roaming</tt> entry, e.g.
The basic server config is in <tt>ipsec-ike</tt> containing a <tt>connection</tt> and <tt>roaming</tt> entry, e.g.


<syntaxhighlight>

<ipsec-ike&gt;
<ipsec-ike>
<connection name="''server''" roaming-pool="''roam-pool''" auth-method="Certificate" peer-auth-method="EAP" mode="Wait" local-ID="FQDN:''server.example.com''"/&gt;
<connection name="server" roaming-pool="roam-pool" auth-method="Certificate" peer-auth-method="EAP" mode="Wait" local-ID="FQDN:server.example.com"/>
<roaming name="''roam-pool''" ip="''[ranges of LAN IPs]''" DNS="''[DNS, e.g. 8.8.8.8]''"/&gt;
<roaming name="roam-pool" ip="[ranges of LAN IPs]" DNS="[DNS, e.g. 8.8.8.8]"/>
&lt;/ipsec-ike&gt;
</ipsec-ike>
</syntaxhighlight>



Each roaming user then needs an <tt>eap</tt> user record.
Each roaming user then needs an <tt>eap</tt> user record.
Retrieved from "http://support.aa.net.uk/FireBrick_IPsec_(Road_Warrior_Howto)"