Overview of configuration steps
|
|
Set up DynDNS account on the first router (Location A)
| Field |
Menu |
Value |
|
Host Name
|
Local Services -> DynDNS Client
-> DynDNS Update -> New
|
e.g.
test1.dyndns.org
|
|
Interface
|
Local Services -> DynDNS Client
-> DynDNS Update -> New
|
DSL ISP
|
|
User Name
|
Local Services -> DynDNS Client
-> DynDNS Update -> New
|
e.g.
test
|
|
Password
|
Local Services -> DynDNS Client
-> DynDNS Update -> New
|
e.g.
test
|
|
Provider
|
Local Services -> DynDNS Client
-> DynDNS Update -> New
|
dyndns
|
|
Enable update
|
Local Services -> DynDNS Client
-> DynDNS Update -> New
|
Disabled |
IPSec configuration - IPSec peers
| Field |
Menu |
Value |
|
Administrative Status
|
VPN -> IPSec ->
IPSec Peers -> New
|
Active |
|
Description
|
VPN -> IPSec ->
IPSec Peers -> New
|
e.g.
be.IP_test2
|
|
Peer Address
|
VPN -> IPSec ->
IPSec Peers -> New
|
e.g.
test2.dyndns.org
|
|
Peer ID
|
VPN -> IPSec ->
IPSec Peers -> New
|
Fully Qualified Domain Name (FQDN)
/
be.IP_test2
|
|
Preshared Key
|
VPN -> IPSec ->
IPSec Peers -> New
|
e.g.
test
|
|
IP Address Assignment
|
VPN -> IPSec ->
IPSec Peers -> New
|
Static |
|
Default Route
|
VPN -> IPSec ->
IPSec Peers -> New
|
Disabled |
|
Local IP Address
|
VPN -> IPSec ->
IPSec Peers -> New
|
192.168.100.1
|
|
Route Entries
|
VPN -> IPSec ->
IPSec Peers -> New
|
192.168.200.0
/
255.255.255.0
|
IPSec configuration - Phase 1
| Field |
Menu |
Value |
|
Description
|
VPN -> IPSec
->Phase-1 Profiles -> New
|
e.g.
*autogenerated*
|
|
Proposals
|
VPN -> IPSec
->Phase-1 Profiles -> New
|
Blowfish, MD5
|
|
DH Group
|
VPN -> IPSec
->Phase-1 Profiles -> New
|
2 (1024 Bit)
|
|
Lifetime
|
VPN -> IPSec
->Phase-1 Profiles -> New
|
900
seconds,
0
kBytes |
|
Authentication Method
|
VPN -> IPSec
->Phase-1 Profiles -> New
|
Preshared Keys
|
|
Mode
|
VPN -> IPSec
->Phase-1 Profiles -> New
|
Aggressive
|
|
Local ID Type
|
VPN -> IPSec
->Phase-1 Profiles -> New
|
Fully Qualified Domain Name (FQDN)
|
|
Local ID Value
|
VPN -> IPSec
->Phase-1 Profiles -> New
|
be.IP_test1
|
|
Alive Check
|
VPN -> IPSec
->Phase-1 Profiles -> New -> Advanced Settings
|
Dead Peer Detection (idle)
|
|
Block Time
|
VPN -> IPSec
->Phase-1 Profiles -> New -> Advanced Settings
|
10
seconds |
|
NAT Traversal
|
VPN -> IPSec
->Phase-1 Profiles -> New -> Advanced Settings
|
Enabled |
IPSec configuration - Phase 2
| Field |
Menu |
Value |
|
Description
|
VPN -> IPSec
->Phase-2 Profiles -> New
|
e.g.
*autogenerated*
|
|
Proposals
|
VPN -> IPSec
->Phase-2 Profiles -> New
|
Blowfish, MD5
|
|
Use PFS Group
|
VPN -> IPSec
->Phase-2 Profiles -> New
|
2 (1024 Bit)
|
|
Lifetime
|
VPN -> IPSec
->Phase-2 Profiles -> New
|
900
seconds,
0
kBytes |
|
IP Compression
|
VPN -> IPSec
->Phase-2 Profiles -> New -> Advanced Settings
|
Disabled
|
|
Alive Check
|
VPN -> IPSec
->Phase-2 Profiles -> New -> Advanced Settings
|
Heartbeats (send & expect)
|
|
Propagate PMTU
|
VPN -> IPSec
->Phase-2 Profiles -> New -> Advanced Settings
|
Enabled |
Set up DynDNS account on the second router (Location B)
| Field |
Menu |
Value |
|
Host Name
|
Local Services -> DynDNS Client
-> DynDNS Update -> New
|
e.g.
test2.dyndns.org
|
|
Interface
|
Local Services -> DynDNS Client
-> DynDNS Update -> New
|
DSL ISP
|
|
User Name
|
Local Services -> DynDNS Client
-> DynDNS Update -> New
|
e.g.
test
|
|
Password
|
Local Services -> DynDNS Client
-> DynDNS Update -> New
|
e.g.
test
|
|
Provider
|
Local Services -> DynDNS Client
-> DynDNS Update -> New
|
dyndns
|
|
Enable update
|
Local Services -> DynDNS Client
-> DynDNS Update -> New
|
Enabled |
IPSec configuration - IPSec peers
| Field |
Menu |
Value |
|
Administrative Status
|
VPN -> IPSec
->IPSec Peers -> New
|
Active |
|
Description
|
VPN -> IPSec
->IPSec Peers -> New
|
e.g.
be.IP_test1
|
|
Peer Address
|
VPN -> IPSec
->IPSec Peers -> New
|
e.g.
test1.dyndns.org
|
|
Peer ID
|
VPN -> IPSec
->IPSec Peers -> New
|
Fully Qualified Domain Name (FQDN)
/
be.IP_test1
|
|
Preshared Key
|
VPN -> IPSec
->IPSec Peers -> New
|
e.g.
test
|
|
IP Address Assignment
|
VPN -> IPSec
->IPSec Peers -> New
|
Static |
|
Default Route
|
VPN -> IPSec
->IPSec Peers -> New
|
Disabled |
|
Local IP Address
|
VPN -> IPSec
->IPSec Peers -> New
|
192.168.200.1
|
|
Route Entries
|
VPN -> IPSec
->IPSec Peers -> New
|
192.168.100.0
/
255.255.255.0
|
IPSec configuration - Phase 1
| Field |
Menu |
Value |
|
Description
|
VPN -> IPSec
->Phase-1 Profiles -> New
|
e.g.
*autogenerated*
|
|
Proposals
|
VPN -> IPSec
->Phase-1 Profiles -> New
|
Blowfish, MD5
|
|
DH Group
|
VPN -> IPSec
->Phase-1 Profiles -> New
|
2 (1024 Bit)
|
|
Lifetime
|
VPN -> IPSec
->Phase-1 Profiles -> New
|
900
seconds,
0
kBytes |
|
Authentication Method
|
VPN -> IPSec
->Phase-1 Profiles -> New
|
Preshared Keys
|
|
Mode
|
VPN -> IPSec
->Phase-1 Profiles -> New
|
Aggressive
|
|
Local ID Type
|
VPN -> IPSec
->Phase-1 Profiles -> New
|
Fully Qualified Domain Name (FQDN)
|
|
Local ID Value
|
VPN -> IPSec
->Phase-1 Profiles -> New
|
be.IP_test2
|
|
Alive Check
|
VPN -> IPSec
->Phase-1 Profiles -> New -> Advanced Settings
|
Dead Peer Detection (idle)
|
|
Block Time
|
VPN -> IPSec
->Phase-1 Profiles -> New -> Advanced Settings
|
10
seconds |
|
NAT Traversal
|
VPN -> IPSec
->Phase-1 Profiles -> New -> Advanced Settings
|
Enabled |
IPSec configuration - Phase 2
| Field |
Menu |
Value |
|
Description
|
VPN -> IPSec
->Phase-2 Profiles -> New
|
e.g.
*autogenerated*
|
|
Proposals
|
VPN -> IPSec
->Phase-2 Profiles -> New
|
Blowfish, MD5
|
|
Use PFS Group
|
VPN -> IPSec
->Phase-2 Profiles -> New
|
2 (1024 Bit)
|
|
Lifetime
|
VPN -> IPSec
->Phase-2 Profiles -> New
|
900
seconds,
0
kBytes |
|
IP Compression
|
VPN -> IPSec
->Phase-2 Profiles -> New -> Advanced Settings
|
Disabled
|
|
Alive Check
|
VPN -> IPSec
->Phase-2 Profiles -> New -> Advanced Settings
|
Heartbeats (send & expect)
|
|
Propagate PMTU
|
VPN -> IPSec
->Phase-2 Profiles -> New -> Advanced Settings
|
Enabled |
| Copyright© Version 08/2020 bintec elmeg GmbH |
|