L2TP over IPsec RutOS: Difference between revisions
→Server (RUT1)
| Line 36: | Line 36: | ||
[[File:Networking rutxxx configuration examples ipsec server configuration v2.png|border|class=tlt-border]] | [[File:Networking rutxxx configuration examples ipsec server configuration v2.png|border|class=tlt-border]] | ||
# '''Enable''' - if checked, enables the IPsec instance | |||
# '''Remote endpoint''' - IP address or hostname of the remote IPsec instance. '''Leave empty''' for the server configuration | |||
# '''Pre shared key''' - a shared password used for authentication between the peers. The value of this field must match the other instance | |||
# '''Local identifier''' - 192.168.0.1 | |||
# '''Remote identifier''' - 192.168.0.20 | |||
# '''Type''' - the type of the connection. | |||
#'''Transport''' encrypts only the payload and Encapsulating Security Payload (ESP) trailer; so the IP header of the original packet is not encrypted. Transport mode is usually used when another tunneling protocol (such as [[VPN#GRE_Tunnel|GRE]], [[VPN#L2TP|L2TP]]) is used to first encapsulate the IP data packet, then IPsec is used to protect the GRE/L2TP tunnel packets. NAT traversal is not supported with the transport mode | |||
# '''IKE lifetime''' - 8h, make sure you've inserted the same lifetime in '''Phase 1''' and '''Phase 2''' | |||
====Client (RUT2)==== | ====Client (RUT2)==== | ||