Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

IPsec Firewall: Difference between revisions

← Older editNewer edit →
Content deleted Content added
AA-Andrew (talk | contribs)
autoreview, Bureaucrats, editor, Interface administrators, reviewer, Administrators
12,616 edits
mNo edit summary
Reedy (talk | contribs)
editor
706 edits
lang=xml
Line 5: Line 5:


Example:
Example:
<syntaxhighlight>
<syntaxhighlight lang=xml>
<rule-set name="IPsec" source-interface="pppoe" target-interface="self" no-match-action="continue" comment="Non-NATed IPsec connections from PPP to the Brick">
<rule-set name="IPsec" source-interface="pppoe" target-interface="self" no-match-action="continue" comment="Non-NATed IPsec connections from PPP to the Brick">
<rule name="IKE" target-port="500" protocol="17" action="accept" comment="Internet Key Exchange"/>
<rule name="IKE" target-port="500" protocol="17" action="accept" comment="Internet Key Exchange"/>
Line 22: Line 22:


Example:
Example:
<syntaxhighlight>
<syntaxhighlight lang=xml>
<rule-set name="IPsec" source-interface="pppoe" target-interface="self" no-match-action="continue" comment="Allow NATed IPsec connections from PPP to the Brick">
<rule-set name="IPsec" source-interface="pppoe" target-interface="self" no-match-action="continue" comment="Allow NATed IPsec connections from PPP to the Brick">
<rule name="IKE" target-port="500 4500" protocol="17" action="accept" comment="Internet Key Exchange"/>
<rule name="IKE" target-port="500 4500" protocol="17" action="accept" comment="Internet Key Exchange"/>
Line 31: Line 31:


Example:
Example:
<syntaxhighlight>
<syntaxhighlight lang=xml>
<rule-set name="IPsec" source-interface="pppoe" target-interface="self" no-match-action="continue" comment="Allow NATed and Non-NATed IPsec connections from PPP to the Brick">
<rule-set name="IPsec" source-interface="pppoe" target-interface="self" no-match-action="continue" comment="Allow NATed and Non-NATed IPsec connections from PPP to the Brick">
<rule name="IKE" target-port="500 4500" protocol="17" action="accept" comment="Internet Key Exchange"/>
<rule name="IKE" target-port="500 4500" protocol="17" action="accept" comment="Internet Key Exchange"/>
Retrieved from "http://support.aa.net.uk/IPsec_Firewall"