OPNsense NAT in der SP: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 62: | Zeile 62: | ||
|- | |- | ||
| '''Pools''' || Nothing selected | | '''Pools''' || Nothing selected | ||
| + | |- | ||
| + | | '''Description''' || – | ||
| + | |} | ||
| + | =VPN: IPsec: Connections= | ||
| + | ==opnsense.it113.int Authentication== | ||
| + | ===Local=== | ||
| + | {| class="wikitable" | ||
| + | ! Einstellung || Wert | ||
| + | |- | ||
| + | | '''Enabled''' || aktiviert (✓) | ||
| + | |- | ||
| + | | '''Connection''' || it113-it114 | ||
| + | |- | ||
| + | | '''Round''' || 0 | ||
| + | |- | ||
| + | | '''Authentication''' || Pre-Shared Key | ||
| + | |- | ||
| + | | '''Id''' || 192.168.6.113 | ||
| + | |- | ||
| + | | '''Certificates''' || Nothing selected | ||
| + | |- | ||
| + | | '''Description''' || – | ||
| + | |} | ||
| + | ===Remote=== | ||
| + | {| class="wikitable" | ||
| + | ! Einstellung || Wert | ||
| + | |- | ||
| + | | '''Enabled''' || aktiviert (✓) | ||
| + | |- | ||
| + | | '''Connection''' || it113-it114 | ||
| + | |- | ||
| + | | '''Round''' || 0 | ||
| + | |- | ||
| + | | '''Authentication''' || Pre-Shared Key | ||
| + | |- | ||
| + | | '''Id''' || 192.168.6.114 | ||
| + | |- | ||
| + | | '''Certificates''' || Nothing selected | ||
|- | |- | ||
| '''Description''' || – | | '''Description''' || – | ||
|} | |} | ||
Version vom 4. April 2025, 10:47 Uhr
Ziel
- Wir haben eine IP als Source für die Einwahl in ein Firmenetz zugeteilt bekommen.
- Wir selbst haben ein anderes Netz
- Gegeben sind:
Unser Netz 172.88.113.0/24
Unsere PseudoIP 172.20.24.1/32
Anderes Netz 172.88.114.0/24
Wir beschreiben nur die Seite die Naten muss
Szenario
| Einstellung | opnsense.it113.int | opnsense2.it114.int |
|---|---|---|
| IP Address | 192.168.6.113 | 192.168.6.114 |
| Internes Netz | 172.88.113.0/24 | 172.88.114.0/24 |
| Zugeteilte VPN IP | 172.20.24.1/32 | X |
| Pre-Shared Key (PSK) | 123Start$ | |
| Phase 1 | AES256 – SHA256 – DH16 | |
| Phase 2 | AES256 – SHA256 – DH16 | |
opnsense.it113.int PSK
| Einstellung | Wert |
|---|---|
| Local Identifier | 192.168.6.113 |
| Remote Identifier | 192.168.6.114 |
| Pre-Shared Key | 123Start$ |
| Type | PSK |
| Description | – |
VPN: IPsec: Connections
opnsense.it113.int Connections
| Einstellung | Wert |
|---|---|
| Enabled | aktiviert (✓) |
| Proposals | default |
| Version | IKEv2 |
| MOBIKE | deaktiviert |
| Local addresses | 192.168.6.113 |
| Remote addresses | 192.168.6.114 |
| DPD delay (s) | – |
| Pools | Nothing selected |
| Description | – |
VPN: IPsec: Connections
opnsense.it113.int Authentication
Local
| Einstellung | Wert |
|---|---|
| Enabled | aktiviert (✓) |
| Connection | it113-it114 |
| Round | 0 |
| Authentication | Pre-Shared Key |
| Id | 192.168.6.113 |
| Certificates | Nothing selected |
| Description | – |
Remote
| Einstellung | Wert |
|---|---|
| Enabled | aktiviert (✓) |
| Connection | it113-it114 |
| Round | 0 |
| Authentication | Pre-Shared Key |
| Id | 192.168.6.114 |
| Certificates | Nothing selected |
| Description | – |