[[configuration:security:devices]]
 
Trace:

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Last revisionBoth sides next revision
configuration:security:devices [2015/01/08 16:30] – [Mikrotik] adminconfiguration:security:devices [2015/02/09 11:38] – [Mikrotik] admin
Line 33: Line 33:
 {{ :configuration:security:mikrotik_vpn_conf2.png?nolink |}} {{ :configuration:security:mikrotik_vpn_conf2.png?nolink |}}
  
-SA Src. Address: is the ip address where we expect the pkts ipsec, ex: the device ip or gateway when behind NAT+SA Src. Address: is the ip address where we expect the pkts ipsec, ex: the device ip or gateway when behind NAT \\
 SA Dst. Address: is the ip address where we expect the pkts ipsec, ex: the CM ip SA Dst. Address: is the ip address where we expect the pkts ipsec, ex: the CM ip
  
Line 42: Line 42:
  
 {{ :configuration:security:mikrotik_vpn_conf5.png?nolink |}} {{ :configuration:security:mikrotik_vpn_conf5.png?nolink |}}
 +
 +
 +== Setting VPN using the terminal ==
 +
 +Schema:
 +
 +^LAN-MK ^ MK ^ CM ^ LAN-CM ^
 +|172.26.7.0/24 | 192.168.20.1 | 192.168.10.1 | 10.10.2.0/24 |
 +
 +
 +Commands:
 +
 +/ip ipsec peer add address=192.168.10.1/32 port=500 auth-method=pre-shared-key secret="PSKEYSECRET2013"
 +
 +/ip ipsec policy add src-address=172.26.7.0/24 src-port=any dst-address=10.10.2.0/24 dst-port=any sa-src-address=192.168.20.1 sa-dst-address=192.168.10.1 tunnel=yes action=encrypt proposal=default
 +
 +/ip firewall nat add chain=srcnat action=accept  place-before=0 src-address=172.26.7.0/24 dst-address=10.10.2.0/24
 +
  
 ===== SONICWALL ===== ===== SONICWALL =====
/home/www/wiki/data/pages/configuration/security/devices.txt · Last modified: 2015/02/09 11:39 by admin
 
Recent changes RSS feed Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki