Table of Contents
Devices
Draytek - Vigor 3200
General
| Compatible | 8 |
|---|---|
| Recommended | 8 |
| VPN | subnet to subnet |
Mikrotik
General
| Compatible | 8 |
|---|---|
| Recommended | 7 |
| VPN | subnet to subnet |
SA Src. Address: is the ip address where we expect the pkts ipsec, ex: the device ip or gateway when behind NAT
SA Dst. Address: is the ip address where we expect the pkts ipsec, ex: the CM ip
Setting VPN using the terminal
Schema:
| LAN-MK | MK | CM | LAN-CM |
|---|---|---|---|
| 172.26.7.0/24 | 192.168.20.1 | 192.168.10.1 | 10.10.2.0/24 |
Commands:
/ip ipsec peer add address=192.168.10.1/32 port=500 auth-method=pre-shared-key secret=“PSKEYSECRET2013”
/ip ipsec policy add src-address=172.26.7.0/24 src-port=any dst-address=10.10.2.0/24 dst-port=any sa-src-address=192.168.20.1 sa-dst-address=192.168.10.1 tunnel=yes action=encrypt proposal=default
/ip firewall nat add chain=srcnat action=accept place-before=0 src-address=172.26.7.0/24 dst-address=10.10.2.0/24
Make sure the default proposal is set with the parameters supported by CM, check previous screen shots
SONICWALL
General
| Compatible | 8 |
|---|---|
| Recommended | 8 |
| VPN | subnet to subnet |
Zyxel
ZyWall USG 20
General
| Compatible | 8 |
|---|---|
| Recommended | 8 |
| VPN | subnet to subnet |
P-661HW-D1
General
| Compatible | 8 |
|---|---|
| Recommended | 8 |
| VPN | subnet to subnet |
