connect to another site using ipsec-nat
Hello,

We have to connect to a factory using ipsec and nat. A server (factory) will send backups to us using ftp. Our ftp server is protected by a firewall with OpenBSD (PF and ftp-proxy).

OpenBSD firewall: 2 interfaces: egress (81.255.XX.XX) and local (10.0.0.3)
FTP server: 10.0.0.4

The admin of the factory has sent me information to configure the ipsec vpn:

our vpn gateway: 81.255.XX.XX
src address: 192.168.191.0/24
dst address: 192.168.192.0/24

factory vpn gateway: 210.253.XX.XX
src address: 192.168.192.0/24
dst address: 192.168.191.0/24

Authentication Mode: Preshared Keys
Diffie-Hellman Group 2 (1024 bit)
Encryption Algorithm: AES 256
Hashing Algorithm: SHA-1
Negotiation Mode: Main
Lifetime: 28800 sec

IPSec-Parameter:
Perfect Forward Secrecy: Group 2
Encapsulation: ESP
Encryption Algorithm: AES 256
Authentication Algorithm: SHA-1
Encapsulation Mode: Tunnel
Lifetime: 3600 sec

the preshared key: haiku

I have read the man pages of ipsec.conf, ipsecctl, isakmpd. My pf.conf lets protocol esp, udp 500 and 4500 pass from any to any. I don't see how to realize that. If someone can help me.

Thank you.
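
The parameters listed in the post, written as an OpenBSD ipsec.conf(5) rule. This is an added example, not part of the original post: the macro names are made up here, the elided XX.XX octets are kept as posted, and the /24 LAN mask in the NAT variant is an assumption.

```conf
# /etc/ipsec.conf: added example, not from the original post.
# XX.XX is elided in the post and stays elided here; the file will not
# parse until the full gateway addresses are filled in.
local_gw   = "81.255.XX.XX"      # our vpn gateway (egress)
factory_gw = "210.253.XX.XX"     # factory vpn gateway
local_net  = "192.168.191.0/24"  # src address, our side
remote_net = "192.168.192.0/24"  # dst address, our side

# "main"  = phase 1, main mode: SHA-1, AES 256, DH group 2, 28800 sec
# "quick" = phase 2: SHA-1, AES 256, PFS group 2, 3600 sec
# modp1024 is the ipsec.conf name for Diffie-Hellman group 2.
ike esp tunnel from $local_net to $remote_net \
	local $local_gw peer $factory_gw \
	main  auth hmac-sha1 enc aes-256 group modp1024 lifetime 28800 \
	quick auth hmac-sha1 enc aes-256 group modp1024 lifetime 3600 \
	psk "haiku"

# NAT variant. The FTP server is 10.0.0.4, which is outside the
# negotiated 192.168.191.0/24. ipsec.conf(5), section OUTGOING NETWORK
# ADDRESS TRANSLATION, puts the true local subnet in parentheses after
# the negotiated source and needs a matching nat rule on enc0 in pf.conf.
# Assumption: the LAN is 10.0.0.0/24 (the post gives no netmask).
#
# ike esp tunnel from $local_net (10.0.0.0/24) to $remote_net \
#	local $local_gw peer $factory_gw \
#	main  auth hmac-sha1 enc aes-256 group modp1024 lifetime 28800 \
#	quick auth hmac-sha1 enc aes-256 group modp1024 lifetime 3600 \
#	psk "haiku"
```

`ipsecctl -n -f /etc/ipsec.conf` parses the file without loading it; with isakmpd started as `isakmpd -K`, `ipsecctl -f /etc/ipsec.conf` loads the rule. Decapsulated tunnel traffic is filtered by pf on enc0, separately from the esp and udp 500/4500 rules on the egress interface.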