|
Below is the xml of the remote tunnel. On the remote side I added a the following rules (1) Advanced out bound NAT 192.168.168.110 to any use gateway xxx.xxx.xxx.xxx (2) firewall rules Allow 192.168.168.110 to any on interface LAN Then the following tunnel was hacked into the xml
configuration file. <tunnel> <interface>wan</interface> <local-subnet> <address>192.168.168.110</address> </local-subnet> <remote-subnet>0.0.0.0/0</remote-subnet> <remote-gateway>xxx.xxx.xxx.xxx</remote-gateway> <p1> <mode>aggressive</mode> <myident> <myaddress/> </myident> <encryption-algorithm>3des</encryption-algorithm> <hash-algorithm>sha1</hash-algorithm> <dhgroup>2</dhgroup> <lifetime>3600</lifetime> <pre-shared-key>xxxxxxxxxxxx</pre-shared-key> <private-key/> <cert/> <peercert/> <authentication_method>pre_shared_key</authentication_method> </p1> <p2> <protocol>esp</protocol> <encryption-algorithm-option>3des</encryption-algorithm-option> <encryption-algorithm-option>blowfish</encryption-algorithm-option> <encryption-algorithm-option>cast128</encryption-algorithm-option> <encryption-algorithm-option>rijndael</encryption-algorithm-option> <hash-algorithm-option>hmac_sha1</hash-algorithm-option> <hash-algorithm-option>hmac_md5</hash-algorithm-option> <pfsgroup>0</pfsgroup> <lifetime>3600</lifetime> </p2> <descr>test</descr> </tunnel> Give it a try Alan |
- [pfSense Support] ipsec tunnel to remote gateway alan walters
- Re: [pfSense Support] ipsec tunnel to remote gateway Scott Ullrich
- RE: [pfSense Support] ipsec tunnel to remote gateway alan walters
