Hi Michael,

I only used StrongSwan with the AVM Fritzbox router/DSL modem models, which are 
widely used in Germany. You'll have to create a textfile, which has to be 
imported into the Fritzbox via the WebGUI.

Luckily the newer Fritzbox models now support WireGuard. Never used Unifi for 
VPN. I thought you wanted to use Gl.inet routers …

Michael

http://www.mksolutions.info

> Am 07.03.2024 um 12:52 schrieb Lonnie Abelbeck <li...@lonnie.abelbeck.com>:
> 
> Hi Michael,
> 
> Unifi access points and switches have played well with others over the years.
> 
> Unifi routing products, while based on linux, never had a good track record 
> of interoperability, particularly with VPNs.
> 
> It would seem straightforward for Unifi to support sourcing manual Wireguard 
> configs in addition to the pretty GUI Wireguard configs ... maybe someday.
> 
> Personally, I would not even try to get AstLinux Strongswan to work with 
> Unifi's IPsec.
> 
> Lonnie
> 
> 
> 
>> On Mar 7, 2024, at 12:17 AM, Michael Knill 
>> <michael.kn...@ipcsolutions.com.au> wrote:
>> 
>> Noone 🙁
>> 
>> Regards 
>> Michael Knill
>> From: Michael Knill <michael.kn...@ipcsolutions.com.au>
>> Sent: Friday, 23 February 2024 2:50 PM
>> To: AstLinux List (astlinux-users@lists.sourceforge.net) 
>> <astlinux-users@lists.sourceforge.net>
>> Subject: [Astlinux-users] Ubiquiti Unifi
>> 
>> Im kicking and screaming all the way, but I will probably be moving to the 
>> Ubiquiti Unifi ecosystem (we already use their WAP’s).
>> As part of this, I will be implementing some of their gateways (routers) 
>> which I really need to connect via VPN to Astlinux in the cloud.
>> They now support Wireguard but only as a client or server and not as a site 
>> to site VPN which they support Open VPN and IPsec only. In the Wireguard 
>> client configuration they emulate a mobile client so all traffic is from the 
>> gateway address (NAT).
>> 
>> So just wondering if Im going to be able to get this working with OpenVPN as 
>> per below:
>> 
>> <image002.png>
>> 
>> Looks like it only support Pre-Shared Key and not certificates?
>> 
>> Could probably use Strongswan with IPsec but would rather not unless someone 
>> has got this working or something similar.
>> 
>> Regards
>> 
>> Michael Knill
>> Managing Director
>> 
>> D: +61 2 6189 1360
>> P: +61 2 6140 4656
>> E: michael.kn...@ipcsolutions.com.au
>> W: ipcsolutions.com.au
>> 
>> <image001.png>
>> Smarter Business Communications



_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users

Donations to support AstLinux are graciously accepted via PayPal to 
pay...@krisk.org.

Reply via email to