Teltonika Networks Wiki

Changes

IPSec Tunnel w/CA Certs Configuration (view source)

Revision as of 23:43, 26 June 2024

1,958 bytes added ,  Wednesday at 23:43
no edit summary
Line 352: Line 352:     
* `ping 192.168.3.1` // You should get a response if the tunnel has established properly.
 
* `ping 192.168.3.1` // You should get a response if the tunnel has established properly.
 +
[Screenshot Here]
 +
 +
* SSH into RUT1 device
 +
* `opkg update`
 +
* `opkg install tcpdump`
 +
* `tcpdump -i any -w Checking_For_ESP_Packets.pcap`
 +
* SSH into RUT2 device
 +
* On RUT2 ping the LAN ip for RUT1 and leave that running. In our example that would be `ping 192.168.3.1`
 +
* On RUT1 wait 10 seconds then CTRL+C to stop the program
 +
* Then use a program like WinSCP to download `Checking_For_ESP_Packets.pcap` from RUT1
 +
* Open the file in a program called Wireshark and filter for encrypted ESP packets with this `_ws.col.protocol == "ESP"`. You should see ESP packets from both the WAN IPs. You shouldn't be able to see inside the packet because it is now encrypted, but if we decrypted the packets we would see the ICMP packets between the 2 RUT devices.
 
[Screenshot Here]
 
[Screenshot Here]
    
===RUT1 LAN device to RUT2 LAN device Test===
 
===RUT1 LAN device to RUT2 LAN device Test===
 
----
 
----
 +
 +
* Attach a Windows/MacOS/Linux PC via ethernet or wifi to RUT1 LAN. Remove or disable any other active interfaces on your PC.
 +
* Disable the firewall. Examples for each OS as follows.
 +
  * Windows 10/11
 +
    1. Press `Windows-Key + R`
 +
    2. Type `control` and hit enter
 +
    3. Navigate to Firewall Settings -> System and Security -> Windows Defender Firewall
 +
    4. On the left sidebar, click "Turn Windows Defender Firewall on or off"
 +
    5. Select "Turn off Windows Defender Firewall (not recommended)" under both the Private and Public network settings
 +
    6. Click "OK" to apply the changes
 +
  * MacOS Ventura
 +
    1. Click on Apple menu and select "System Preferences"
 +
    2. Click on "Security & Privacy"
 +
    3. Click on the "Firewall" tab
 +
    4. Select the lock icon at the bottom left and enter your administrator password
 +
    5. Select "Turn Off Firewall"
 +
  * Linux (Ubuntu)
 +
    1. Open a Terminal window
 +
    2. `sudo ufw disable`
 +
* Perform similar steps above for a 2nd device connected to RUT2 LAN
 +
* Once both devices are connected to the LAN of RUT1 & RUT2 you should be able to ping the devices from each other.
 +
[Screenshot Here]
 +
 +
* Afterwards make sure to re-enable the firewall for both LAN devices
Retrieved from "https://wiki.teltonika-networks.com/view/Special:MobileDiff/128038"