13
edits
Changes
→Server (RUT1)
[[File:Networking rutxxx configuration examples ipsec server configuration v2.png|border|class=tlt-border]]
[[File:Networking rutxxx configuration examples ipsec server configuration v2.png|border|class=tlt-border]]
# '''Enable''' - if checked, enables the IPsec instance
# '''Remote endpoint''' - IP address or hostname of the remote IPsec instance. '''Leave empty''' for the server configuration
# '''Pre shared key''' - a shared password used for authentication between the peers. The value of this field must match the other instance
# '''Local identifier''' - 192.168.0.1
# '''Remote identifier''' - 192.168.0.20
# '''Type''' - the type of the connection.
#'''Transport''' encrypts only the payload and Encapsulating Security Payload (ESP) trailer; so the IP header of the original packet is not encrypted. Transport mode is usually used when another tunneling protocol (such as [[VPN#GRE_Tunnel|GRE]], [[VPN#L2TP|L2TP]]) is used to first encapsulate the IP data packet, then IPsec is used to protect the GRE/L2TP tunnel packets. NAT traversal is not supported with the transport mode
# '''IKE lifetime''' - 8h, make sure you've inserted the same lifetime in '''Phase 1''' and '''Phase 2'''
====Client (RUT2)====
====Client (RUT2)====
