Topic: Really stuck setting up IPSec - unsure of settings for my Net 2 Net (Read 13434 times)
clarose (Jr. Member, Posts: 7)
« on: Monday 07 July 2014, 03:36:04 am »
Remote site
10.10.x.x internal, 123.123.123.1 public
Machine on their INTERNAL network makes request to 172.16.16.1 which is intercepted and sent by their firewall to our PUBLIC IP address handled by Endian 3.0 Community
Our internal is 192.168.3.0/24
My IPSEC Settings:
Local Interface: Uplink (RED)
Local subnet: 192.168.3.0/24
Remote IP: 123.123.123.1
Remote subnet: 10.10.0.0/16
All the encryption and PSK is set up and correct.
What do I need to do to "see" the request the remote side made to 172.16.16.1? Does it show up on the Endian as 172.x.x.x or 10.10.x.x?
Do I put in an incoming route for 10 series or 172 series?
IPSec connection shows "Connected" but always sending retransmit packets:
ipsec 08[NET] sending packet: from (OUR PUBLIC IP)[500] to (Their Public IP)[500] (76 bytes)
ipsec 08[IKE] sending retransmit 3 of request message ID 2230995878, seq 4
I am at a loss.
djkouza (Jr. Member, Posts: 2)
« Reply #1 on: Tuesday 23 September 2014, 08:31:08 am »
It could all depend on the remote firewall.
But for what it's worth, here is a setup I have that is working.
I have an Endian 3.0 in Site A with local IP 192.168.x.x/16 and a Juniper in site B with local IP 10.33.x.x/16. On the Endian side nothing short of setting up the IPsec tunnel was needed. On the Juniper side I had to set up the IPsec connection, then a route for traffic as well as firewall policies to allow traffic through. (Note: from what I can tell it's a bug that EFW 3.0 currently doesn't allow firewall of the IPsec connection, so once fixed Endian MAY need some firewall policies as well.)
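The following is an added example, not code from the thread or from Endian. It checks which flows the subnets given in the first post would cover, assuming the tunnel only carries packets whose source lies in the configured remote subnet and whose destination lies in the configured local subnet. The host addresses 10.10.5.20 and 192.168.3.10 are made up for illustration.

```python
import ipaddress

# Selectors from the first post, as seen from the Endian side.
LOCAL_SUBNET = ipaddress.ip_network("192.168.3.0/24")
REMOTE_SUBNET = ipaddress.ip_network("10.10.0.0/16")


def covered_by_tunnel(src, dst, local=LOCAL_SUBNET, remote=REMOTE_SUBNET):
    """Classify an inbound flow (remote site -> local site).

    Returns (matches, reason). Assumption: the tunnel is policy-based, so a
    packet is carried only if its source is inside the remote subnet AND its
    destination is inside the local subnet.
    """
    src_ip = ipaddress.ip_address(src)
    dst_ip = ipaddress.ip_address(dst)
    problems = []
    if src_ip not in remote:
        problems.append(f"source {src_ip} outside remote subnet {remote}")
    if dst_ip not in local:
        problems.append(f"destination {dst_ip} outside local subnet {local}")
    return (not problems, "; ".join(problems) or "matches both selectors")


def check_flows(flows):
    """Evaluate a list of (src, dst) pairs; returns {(src, dst): (ok, reason)}."""
    return {(s, d): covered_by_tunnel(s, d) for s, d in flows}


# Constructed sample flows (host addresses are hypothetical).
SAMPLE_FLOWS = [
    ("10.10.5.20", "172.16.16.1"),      # request still addressed to 172.16.16.1
    ("10.10.5.20", "192.168.3.10"),     # same client, addressed to a local LAN host
    ("123.123.123.1", "192.168.3.10"),  # source rewritten to the remote public IP
]

if __name__ == "__main__":
    for (src, dst), (ok, reason) in check_flows(SAMPLE_FLOWS).items():
        state = "in tunnel" if ok else "NOT in tunnel"
        print(f"{src} -> {dst}: {state} ({reason})")
```

Under that assumption, a packet that still carries 172.16.16.1 as its destination does not match the 192.168.3.0/24 local subnet, so the address translation on the remote firewall and the subnets configured on both ends have to agree.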