This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPSEC_VPN

At present running Astaro ver.4 and trying to configure network to network connection. In IPSEC-VPN --> connections need to configure an Authentication of remote station and that does not give me any choices.Please help

Thanks,

sw

This thread was automatically locked due to age.

0 Simon Shaw over 21 years ago

Hi, you need to generate a key and certificates. Then set the certificate for each firewall. Next you need to import the public part of the certificate into each firewall. Clear as mud right.

Under the IPSEC VPN menu do this:

On each Astaro box.
Go to CA Management
Create a new Certificate Authority
Create a new Host CSR and Certificate.

On each Astaro box, go to Local Keys
Select the local certificate for that host that you just created.
This will set the certificate used by the local box and which remote boxes will authenticate with.

Now on each box, export its local certificate to a file, suggest PKCS#12 as this is easiest to work with.

Now on each box, import the other boxes certificate export.
(You are swapping keys)

Now you should be able to use X509 keys to authenticate your VPN IPSEC connections.

Suggest you use AES_PFS_COMP encryption. (Fast and very secure).
Cancel
Vote Up 0 Vote Down

Cancel