...
In this scenario, both sites have static public ip address and setup a tunnel between sites. After the tunnel is established, the clients within the site should be able to ping the clients on the other side through the tunnel. The tunnel is authenticated through pre-shared key.
IPSec CR for gateway A:
...
NAT CR:
| Code Block |
|---|
Rest calls:
GET /cgi-bin/luci/sdewan/ipsec/v1/sites
...
In this scenario, the initiator sends out a request to the site gateway(responder) which has a static public ip address(or dynamic pubic IP with static domain name) in order to setup a tunnel between. However, this time, the roadwarrior is also going to ask for a virtual IP that assigned by the responder. After the tunnel is established, the roadwarrior should be able to get an overlay IP and ping the clients on the other side through the tunnel. The tunnel is authenticated through pre-shared key.
IPSec CR for Gateway A:
...