FireBrick Road Warrior FireBrick Config: Difference between revisions

(lang=xml)
The basic server config is an <tt>ipsec-ike</tt> element containing a <tt>connection</tt> and a <tt>roaming</tt> entry, e.g.
 
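<syntaxhighlight lang=xml>
<ipsec-ike>
  <!-- Server side: authenticates itself with a certificate, authenticates peers with EAP, and waits for clients to connect -->
  <connection name="server" roaming-pool="roam-pool" auth-method="Certificate" peer-auth-method="EAP" mode="Wait" local-ID="FQDN:server.example.com"/>
  <!-- roaming entry for the "roam-pool" pool referenced above (not shown here) -->
</ipsec-ike>
</syntaxhighlight>
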
Each roaming user then needs an <tt>eap</tt> user record.
 
<syntaxhighlight lang=xml>
<eap name="fred" full-name="Fred Bloggs" password="[password]" subsystem="IPsec" methods="MSChapV2"/>
</syntaxhighlight>
 
You will also want to review the firewall on the FireBrick and allow traffic where required. For example, to allow the IPsec users to connect to the Internet via your PPPoE connections, use something like:
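<syntaxhighlight lang=xml>
<rule-set name="FromIPSec" source-interface="ipsec" no-match-action="continue">
  <!-- Accept traffic arriving from IPsec clients that is routed out via PPPoE -->
  <rule name="AllowInternet" target-interface="pppoe" action="accept"/>
</rule-set>
</syntaxhighlight>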
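
A pre-upload sanity check for the fragments above, as an added example that is not part of the original page or of FireBrick's own tooling: it confirms the connection's <tt>roaming-pool</tt> resolves, that IPsec EAP users exist and do not still carry a placeholder or short password, and lists what traffic from the <tt>ipsec</tt> interface the firewall accepts. The <tt>config</tt> wrapper, the <tt>roaming name=...</tt> element, the user <tt>jane</tt>, the 12-character threshold and the function names are assumptions made for the example.

```python
import xml.etree.ElementTree as ET

# Constructed sample built from the fragments on this page. The <config> wrapper
# and the <roaming name="..."> element are assumptions; the page does not show them.
SAMPLE = """<config>
 <ipsec-ike>
  <connection name="server" roaming-pool="roam-pool" auth-method="Certificate"
              peer-auth-method="EAP" mode="Wait" local-ID="FQDN:server.example.com"/>
  <roaming name="roam-pool"/>
 </ipsec-ike>
 <eap name="fred" full-name="Fred Bloggs" password="[password]" subsystem="IPsec" methods="MSChapV2"/>
 <eap name="jane" full-name="Jane Doe" password="correct-horse-battery-staple" subsystem="IPsec" methods="MSChapV2"/>
 <rule-set name="FromIPSec" source-interface="ipsec" no-match-action="continue">
  <rule name="AllowInternet" target-interface="pppoe" action="accept"/>
 </rule-set>
</config>"""


def audit(xml_text, min_len=12):
    """Return a list of findings for a road-warrior config (min_len is an assumed policy)."""
    root = ET.fromstring(xml_text)
    findings = []
    pools = {r.get("name") for r in root.iter("roaming")}
    users = [e for e in root.iter("eap") if e.get("subsystem") == "IPsec"]
    for conn in root.iter("connection"):
        name, pool = conn.get("name"), conn.get("roaming-pool")
        if pool and pool not in pools:
            findings.append(f"connection {name}: roaming-pool {pool} is not defined")
        if conn.get("peer-auth-method") == "EAP" and not users:
            findings.append(f"connection {name}: EAP required but no IPsec eap users")
    for user in users:
        pw = user.get("password", "")
        # "[password]" is the page's placeholder; it must be replaced before upload.
        if pw.startswith("[") or len(pw) < min_len:
            findings.append(f"eap {user.get('name')}: placeholder or short password")
    return findings


def ipsec_reach(xml_text):
    """List (rule-set, rule, target-interface, action) for traffic arriving from IPsec."""
    root = ET.fromstring(xml_text)
    return [(rs.get("name"), r.get("name"), r.get("target-interface"), r.get("action"))
            for rs in root.iter("rule-set") if rs.get("source-interface") == "ipsec"
            for r in rs.iter("rule")]


if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
    print(ipsec_reach(SAMPLE))
```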