Sophos-XG-IPSec-zu-Strongswan-PSK: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(→VPN) |
|||
| Zeile 14: | Zeile 14: | ||
==Gateway settings== | ==Gateway settings== | ||
[[Datei:Sophos-XG-IPSec-zu-Strongswan4.png|700px]] | [[Datei:Sophos-XG-IPSec-zu-Strongswan4.png|700px]] | ||
| − | + | =Strongswan= | |
| − | + | ==/etc/ipsec.conf== | |
| − | + | <pre> | |
| − | + | conn vpn-sophos-xg | |
| − | + | authby=secret | |
| − | + | keyexchange=ikev2 | |
| − | + | left=10.85.21.6 | |
| − | + | leftid = 10.85.21.6 | |
| + | leftsubnet="192.168.1.1/32" | ||
| + | leftauth = psk | ||
| + | rightauth = psk | ||
| + | right=10.85.21.4 | ||
| + | rightid=10.85.21.4 | ||
| + | rightsubnet="192.168.4.1/32" | ||
| + | ike=aes256-sha256-modp4096! | ||
| + | esp=aes256-sha256-modp4096! | ||
| + | ikelifetime=28800s | ||
| + | lifetime=3600s | ||
| + | auto=add | ||
| + | </pre> | ||
| + | ==/etc/ipsec.secrets== | ||
| + | 10.85.21.4 10.85.4.6 : PSK 012345-Hilde-Becker$$ | ||
Version vom 11. Juli 2022, 13:12 Uhr
Netze Definieren
Hosts and services
- Add
- Network
VPN
- IPsec connections
- ADD
General settings
Encryption
Gateway settings
Strongswan
/etc/ipsec.conf
conn vpn-sophos-xg authby=secret keyexchange=ikev2 left=10.85.21.6 leftid = 10.85.21.6 leftsubnet="192.168.1.1/32" leftauth = psk rightauth = psk right=10.85.21.4 rightid=10.85.21.4 rightsubnet="192.168.4.1/32" ike=aes256-sha256-modp4096! esp=aes256-sha256-modp4096! ikelifetime=28800s lifetime=3600s auto=add
/etc/ipsec.secrets
10.85.21.4 10.85.4.6 : PSK 012345-Hilde-Becker$$