Set vpn ipsec remote-access connection ROADWARRIOR pool 'ROADWARRIOR-IPV6' Set vpn ipsec remote-access connection ROADWARRIOR pool 'ROADWARRIOR-IPV4' Set vpn ipsec remote-access connection ROADWARRIOR ike-group 'IKE-ROADWARRIOR' Set vpn ipsec remote-access connection ROADWARRIOR esp-group 'ESP-ROADWARRIOR' Set vpn ipsec remote-access pool ROADWARRIOR-IPV6 prefix 'w:x:y:z::/64' Set vpn ipsec remote-access pool ROADWARRIOR-IPV4 name-server '10.10.40.200' Set vpn ipsec remote-access pool ROADWARRIOR-IPV4 prefix '10.10.50.0/24' Set vpn ipsec esp-group ESP-ROADWARRIOR pfs 'dh-group24' Set vpn ipsec esp-group ESP-ROADWARRIOR proposal 10 hash 'sha256' Set vpn ipsec esp-group ESP-ROADWARRIOR proposal 10 encryption 'aes256gcm128' Set vpn ipsec esp-group ESP-ROADWARRIOR lifetime '3600' Set vpn ipsec ike-group IKE-ROADWARRIOR proposal 10 dh-group '24' Set vpn ipsec ike-group IKE-ROADWARRIOR proposal 10 hash 'sha384' Set vpn ipsec ike-group IKE-ROADWARRIOR proposal 10 encryption 'aes256gcm128' Set vpn ipsec ike-group IKE-ROADWARRIOR lifetime '7200' Set vpn ipsec ike-group IKE-ROADWARRIOR key-exchange 'ikev2' ![]() Set vpn ipsec options 'disable-route-autoinstall' ![]() Thanks for your help and here’s the configuration I use for my VPN Roadwarrior by modifying the values : # I don’t understand, where do the filters apply to prevent communications to these clients? On the other hand, I notice that from the outside my clients connected with an IPv6 from the pool assigned to remore-access are accessible from the outside and impossible to filter the packets with their IP as destinations. I have an IPSec IKEv2 roadwarrior tunnel configured on my VyOS 1.4 which optionally supports WAN IPv6 from connected clients, it works fine.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |