Version vom 2. April 2025, 18:33 Uhr

Szenario

Einstellung	opnsense.it113.int	opnsense2.it113.int
IP Address	192.168.6.113	192.168.6.114
Tunnel IP	169.254.100.1	169.254.100.2
Internes Netz	172.88.113.0/24	172.88.114.0/24
Pre-Shared Key (PSK)	123Start$
Phase 1	AES256 – SHA256 – DH16
Phase 2	AES256 – SHA256 – DH16

VPN: IPsec: Pre-Shared Keys

opnsense.it113.int PSK

Einstellung	Wert
Local Identifier	192.168.6.113
Remote Identifier	192.168.6.114
Pre-Shared Key	123Start$
Type	PSK
Description	–

opnsense.it114.int PSK

Einstellung	Wert
Local Identifier	192.168.6.114
Remote Identifier	192.168.6.113
Pre-Shared Key	123Start$
Type	PSK
Description	–

VPN: IPsec: Virtual Tunnel Interfaces

opnsense.it113.int VTI

Einstellung	Wert
Enabled	aktiviert (✓)
Reqid	10
Local address	192.168.6.113
Remote address	192.168.6.114
Tunnel local address	169.254.100.1
Tunnel remote address	169.254.100.2
Tunnel secondary local address	–
Tunnel secondary remote address	–
Name	IPSEC10

opnsense.it114.int VTI

Einstellung	Wert
Enabled	aktiviert (✓)
Reqid	10
Local address	192.168.6.114
Remote address	192.168.6.113
Tunnel local address	169.254.100.2
Tunnel remote address	169.254.100.1
Tunnel secondary local address	–
Tunnel secondary remote address	–
Name	IPSEC10

VPN: IPsec: Connections

opnsense.it113.int Connections

Einstellung	Wert
Enabled	aktiviert (✓)
Proposals	default
Version	IKEv2
MOBIKE	deaktiviert
Local addresses	192.168.6.113
Remote addresses	192.168.6.114
DPD delay (s)	–
Pools	Nothing selected
Description	–

opnsense.it114.int Connections

Einstellung	Wert
Enabled	aktiviert (✓)
Proposals	default
Version	IKEv2
MOBIKE	deaktiviert
Local addresses	192.168.6.113
Remote addresses	192.168.6.114
DPD delay (s)	–
Pools	Nothing selected
Description	–

VPN: IPsec: Connections

opnsense.it113.int Authentication

Local

Einstellung	Wert
Enabled	aktiviert (✓)
Connection	it113-it114
Round	0
Authentication	Pre-Shared Key
Id	192.168.6.113
Certificates	Nothing selected
Description	–

Remote

Einstellung	Wert
Enabled	aktiviert (✓)
Connection	it113-it114
Round	0
Authentication	Pre-Shared Key
Id	192.168.6.114
Certificates	Nothing selected
Description	–

opnsense.it114.int Authentication

Local

Einstellung	Wert
Enabled	aktiviert (✓)
Connection	it114-it113
Round	0
Authentication	Pre-Shared Key
Id	192.168.6.114
Certificates	Nothing selected
Description	–

Remote

Einstellung	Wert
Enabled	aktiviert (✓)
Connection	it114-it113
Round	0
Authentication	Pre-Shared Key
Id	192.168.6.113
Certificates	Nothing selected
Description	–

Children

opnsense.it113.int Children

Einstellung	Wert
Enabled	aktiviert (✓)
Connection	it113-it114
Mode	Tunnel
Policies	deaktiviert
Start action	Trap
DPD action	Clear
Reqid	10
ESP Proposals	aes256-sha256-modp4096 [DH16]
Local	0.0.0.0/0
Remote	0.0.0.0/0
Description	–

opnsense.it114.int Children

Einstellung	Wert
Enabled	aktiviert (✓)
Connection	it114-it113
Mode	Tunnel
Policies	deaktiviert
Start action	Trap
DPD action	Clear
Reqid	10
ESP Proposals	aes256-sha256-modp4096 [DH16]
Local	0.0.0.0/0
Remote	0.0.0.0/0
Description	–

Links

https://docs.opnsense.org/manual/how-tos/ipsec-s2s-conn-route.html

@@ Zeile 138: / Zeile 138: @@
 | '''Description''' || –
 |}
-=System: Gateways: Configuration=
-==opnsense.it114.int Gateway==
-{| class="wikitable"
-! Einstellung || Wert
-|-
-| '''Enabled''' || aktiviert (✓)
-|-
-| '''Name''' || IPSEC10_GW
-|-
-| '''Description''' || IPSEC10_GW
-|-
-| '''Interface''' || IPSEC10
-|-
-| '''Address Family''' || IPv4
-|-
-| '''IP Address''' || 169.254.100.1
-|-
-| '''Upstream Gateway''' || deaktiviert
-|-
-| '''Far Gateway''' || deaktiviert
-|-
-| '''Disable Gateway Monitoring''' || aktiviert (✓)
-|-
-| '''Disable Host Route''' || deaktiviert
-|-
-| '''Monitor IP''' || –
-|-
-| '''Mark Gateway as Down''' || deaktiviert
-|-
-| '''Priority''' || 255
-|}
 =VPN: IPsec: Connections=
 ==opnsense.it113.int Authentication==

OPNsense Route based (VTI) PSK setup: Unterschied zwischen den Versionen

Version vom 2. April 2025, 18:33 Uhr

Inhaltsverzeichnis

Szenario

VPN: IPsec: Pre-Shared Keys

opnsense.it113.int PSK

opnsense.it114.int PSK

VPN: IPsec: Virtual Tunnel Interfaces

opnsense.it113.int VTI

opnsense.it114.int VTI

VPN: IPsec: Connections

opnsense.it113.int Connections

opnsense.it114.int Connections

VPN: IPsec: Connections

opnsense.it113.int Authentication

Local

Remote

opnsense.it114.int Authentication

Local

Remote

Children

opnsense.it113.int Children

opnsense.it114.int Children

Links

Navigationsmenü

Suche