Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 26 subscribers
  • Views 1672 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos ASG auf Vserver mit Tunnel zu Fritzbox hinter Vodafone Router - keine Verbindung

tony thorbahn

Hallo an alle,

 

ich habe jetzt viel gelesen und viele Anleitungen ausprobiert. Aber ich bekomme leider keinen VPN Tunnel mit IPsec hin.

Ich habe eine ASG auf einem Vserver mit nur einer Lan Schnittstelle und zuhause eine Fritzbox hinter einem Vodafone Router.

 

Hat jemand die Kombination zum laufen bekommen?



This thread was automatically locked due to age.
Parents
  • 0 in reply to tony thorbahn

    Eine meiner configs:

     

    vpncfg {
            connections {
                    enabled = yes;
                    conn_type = conntype_lan;
                    name = "Sophos_x";
                    always_renew = yes;
                    reject_not_encrypted = no;
                    dont_filter_netbios = yes;
                    localip = 0.0.0.0;
                    local_virtualip = 0.0.0.0;
                    remoteip = 185.xxx.xxx.xxx; // Change to Sophos External IP
                    remote_virtualip = 0.0.0.0;
                    localid {
                            fqdn = xxx.ddns.net; // Change
                    }
                    remoteid {
                            ipaddr = 185.xxx.xxx.xxx; // Change
                    }
                    mode = phase1_mode_idp; // Main Mode
                    phase1ss = "dh14/aes/sha";
                    keytype = connkeytype_pre_shared;
                    key = xxx; // has to be changed
                    cert_do_server_auth = no;
                    use_nat_t = yes;
                    use_xauth = no;
                    use_cfgmode = no;
                    phase2localid {
                            ipnet {
                                    ipaddr = 192.168.222.0; // change
                                    mask = 255.255.255.0;
                            }
                    }
                    phase2remoteid {
                            ipnet {
                                    ipaddr = 185.xxx.xxx.xxx; // change
                                    mask = 255.255.252.0;
                            }
                    }
                    phase2ss = "esp-aes256-3des-sha/ah-no/comp-lzs-no/pfs";
                    accesslist = "permit ip any 185.xxx.xxx.xxx 255.255.252.0"; // change IP
            }
            ike_forward_rules = "udp 0.0.0.0:500 0.0.0.0:500",
                                "udp 0.0.0.0:4500 0.0.0.0:4500";
    }


    // EOF

Reply
  • 0 in reply to tony thorbahn

    Eine meiner configs:

     

    vpncfg {
            connections {
                    enabled = yes;
                    conn_type = conntype_lan;
                    name = "Sophos_x";
                    always_renew = yes;
                    reject_not_encrypted = no;
                    dont_filter_netbios = yes;
                    localip = 0.0.0.0;
                    local_virtualip = 0.0.0.0;
                    remoteip = 185.xxx.xxx.xxx; // Change to Sophos External IP
                    remote_virtualip = 0.0.0.0;
                    localid {
                            fqdn = xxx.ddns.net; // Change
                    }
                    remoteid {
                            ipaddr = 185.xxx.xxx.xxx; // Change
                    }
                    mode = phase1_mode_idp; // Main Mode
                    phase1ss = "dh14/aes/sha";
                    keytype = connkeytype_pre_shared;
                    key = xxx; // has to be changed
                    cert_do_server_auth = no;
                    use_nat_t = yes;
                    use_xauth = no;
                    use_cfgmode = no;
                    phase2localid {
                            ipnet {
                                    ipaddr = 192.168.222.0; // change
                                    mask = 255.255.255.0;
                            }
                    }
                    phase2remoteid {
                            ipnet {
                                    ipaddr = 185.xxx.xxx.xxx; // change
                                    mask = 255.255.252.0;
                            }
                    }
                    phase2ss = "esp-aes256-3des-sha/ah-no/comp-lzs-no/pfs";
                    accesslist = "permit ip any 185.xxx.xxx.xxx 255.255.252.0"; // change IP
            }
            ike_forward_rules = "udp 0.0.0.0:500 0.0.0.0:500",
                                "udp 0.0.0.0:4500 0.0.0.0:4500";
    }


    // EOF

Children
No Data