[[configuration:security:devices]]
 
Trace:

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Last revisionBoth sides next revision
configuration:security:devices [2014/06/18 18:15] adminconfiguration:security:devices [2015/02/09 11:38] – [Mikrotik] admin
Line 7: Line 7:
 ^ Compatible | **8** | ^ Compatible | **8** |
 ^ Recommended | **8** | ^ Recommended | **8** |
 +^ VPN  | subnet to subnet |
  
-==== VPN LAN to LAN configuration ==== 
  
 {{ :configuration:security:draytek_vpn_1.png?nolink |}} {{ :configuration:security:draytek_vpn_1.png?nolink |}}
Line 26: Line 26:
 ^ Compatible | **8** | ^ Compatible | **8** |
 ^ Recommended | **7** | ^ Recommended | **7** |
 +^ VPN  | subnet to subnet |
  
-==== VPN LAN to LAN configuration ==== 
  
 {{ :configuration:security:mikrotik_vpn_conf1.png?nolink |}} {{ :configuration:security:mikrotik_vpn_conf1.png?nolink |}}
  
 {{ :configuration:security:mikrotik_vpn_conf2.png?nolink |}} {{ :configuration:security:mikrotik_vpn_conf2.png?nolink |}}
 +
 +SA Src. Address: is the ip address where we expect the pkts ipsec, ex: the device ip or gateway when behind NAT \\
 +SA Dst. Address: is the ip address where we expect the pkts ipsec, ex: the CM ip
 +
  
 {{ :configuration:security:mikrotik_vpn_conf3.png?nolink |}} {{ :configuration:security:mikrotik_vpn_conf3.png?nolink |}}
Line 38: Line 42:
  
 {{ :configuration:security:mikrotik_vpn_conf5.png?nolink |}} {{ :configuration:security:mikrotik_vpn_conf5.png?nolink |}}
 +
 +
 +== Setting VPN using the terminal ==
 +
 +Schema:
 +
 +^LAN-MK ^ MK ^ CM ^ LAN-CM ^
 +|172.26.7.0/24 | 192.168.20.1 | 192.168.10.1 | 10.10.2.0/24 |
 +
 +
 +Commands:
 +
 +/ip ipsec peer add address=192.168.10.1/32 port=500 auth-method=pre-shared-key secret="PSKEYSECRET2013"
 +
 +/ip ipsec policy add src-address=172.26.7.0/24 src-port=any dst-address=10.10.2.0/24 dst-port=any sa-src-address=192.168.20.1 sa-dst-address=192.168.10.1 tunnel=yes action=encrypt proposal=default
 +
 +/ip firewall nat add chain=srcnat action=accept  place-before=0 src-address=172.26.7.0/24 dst-address=10.10.2.0/24
 +
  
 ===== SONICWALL ===== ===== SONICWALL =====
Line 45: Line 67:
 ^ Compatible | **8** | ^ Compatible | **8** |
 ^ Recommended | **8** | ^ Recommended | **8** |
 +^ VPN  | subnet to subnet |
  
-==== VPN Site - Site configuration ==== 
  
 {{ :configuration:security:sonicwall_vpn_conf1.png?nolink |}} {{ :configuration:security:sonicwall_vpn_conf1.png?nolink |}}
Line 65: Line 87:
  
  
-===== Zyxel ZyWall USG 20 =====+===== Zyxel ===== 
 + 
 +==== ZyWall USG 20 ====
  
 === General === === General ===
Line 71: Line 95:
 ^ Compatible | **8** | ^ Compatible | **8** |
 ^ Recommended | **8** | ^ Recommended | **8** |
 +^ VPN  | subnet to subnet |
  
-==== VPN LAN to LAN configuration ==== 
  
 {{ :configuration:security:ZyWall_USG20_1.JPG?nolink&1000 |}} {{ :configuration:security:ZyWall_USG20_1.JPG?nolink&1000 |}}
Line 97: Line 121:
  
  
-===== Zyxel - P-661HW-D1 =====+==== P-661HW-D1 ====
  
 === General === === General ===
Line 103: Line 127:
 ^ Compatible | **8** | ^ Compatible | **8** |
 ^ Recommended | **8** | ^ Recommended | **8** |
 +^ VPN  | subnet to subnet |
  
-==== VPN LAN to LAN configuration ==== 
  
 {{ :configuration:security:zyxel_p-661hw_1.png?nolink&800 |}} {{ :configuration:security:zyxel_p-661hw_1.png?nolink&800 |}}
/home/www/wiki/data/pages/configuration/security/devices.txt · Last modified: 2015/02/09 11:39 by admin
 
Recent changes RSS feed Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki