1,813 bytes added
, 3 years ago
= VPN =
The following contains information on various VPN setups that you can use.
== IPSEC ==
Information on how to setup IPSEC tunnels.
=== Mikrotik to Strongswan==
==== Strongswan config ====
/etc/ipsec.conf:
conn <name>
authby=secret
auto=route
keyexchange=ike
left=<your local IP>
right=<remote IP of Mikrotik system>
leftikeport=500
rightikeport=500
type=transport
ike=aes256-sha1-modp1024!
esp=aes256-sha1!
dpddelay=5
dpdtimeout=20
dpdaction=clear
/etc/ipsec.secrets:
<your local IP> <remote IP of Mikrotik system> : PSK "<Put your preshared key here>"
==== Mikrotik Config ====
/ip ipsec policy
add src-address=0.0.0.0/0 dst-address=<remote IP of strongswan system> proposal=ike2 ipsec-protocols=esp
/ip ipsec proposal
add name="ike2" auth-algorithms=sha256,sha1 enc-algorithms=aes-256-cbc,aes-128-cbc lifetime=30m pfs-group=none
/ip ipsec peer
add name="<name of strongswan system>" address=<local IP> profile=ike2 exchange-mode=main send-initial-contact=yes
/ip ipsec identity
add peer=<remote IP of strongswan system> auth-method=pre-shared-key secret="<Put your preshared key here>" generate-policy=no
/ip ipsec profile
add name="ike2" hash-algorithm=sha1 enc-algorithm=aes-256,aes-192,aes-128,3des,des dh-group=modp2048,modp1024 lifetime=8h proposal-check=obey nat-traversal=no dpd-interval=2m dpd-maximum-failures=5
== OpenVPN ==
Information on how to setup OpenVPN.
== L2TP ==
Information on how to setup L2TP.
== TINC ==
Information on how to setup TINC.
== Wireguard ==
Information on how to setup Wireguard.
== Other ==
Any other information that doesn't fit elsewhere.