...

GET /cgi-bin/luci/sdewan/ipsec/v1/sites

{
    "sites": [
        {
            "name": "siteA",
            "gateway": "192.168.1.10",
            "crypto_proposal": "proposal1",
            "connections": [
                {
                    "type": "tunnel",
                    "local_subnet": "10.1.0.1/24",
                    "remote_subnet": "10.2.0.1/24",
                    "crypto_proposal": "proposal1"
                }
            ]
        },
        {
            "name": "siteB",
            "gateway": "192.168.1.11",
            "crypto_proposal": "proposal1",
            "connections": [
                {
                    "type": "tunnel",
                    "local_subnet": "10.2.0.1/24",
                    "remote_subnet": "10.1.0.1/24",
                    "crypto_proposal": "proposal1"
                }
            ]
        }
    ]
}
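A site-to-site tunnel only comes up when each side's connection mirrors the other's subnets and uses the same crypto proposal. The following is an added example, not code from the SDEWAN project: it checks a sites response of the shape shown above for that symmetry. The helper names (make_site, tunnel_selectors, check_pair) are hypothetical, and the sample data is constructed from the values on this page.

```python
import ipaddress

def make_site(name, gateway, local, remote, proposal="proposal1"):
    """Build one site entry in the shape of the sites response (constructed sample)."""
    return {"name": name, "gateway": gateway, "crypto_proposal": proposal,
            "connections": [{"type": "tunnel", "local_subnet": local,
                             "remote_subnet": remote, "crypto_proposal": proposal}]}

# Constructed sample using the names, gateways and subnets from the response above.
SAMPLE = {"sites": [make_site("siteA", "192.168.1.10", "10.1.0.1/24", "10.2.0.1/24"),
                    make_site("siteB", "192.168.1.11", "10.2.0.1/24", "10.1.0.1/24")]}

def tunnel_selectors(site):
    """Return {(local_net, remote_net, proposal)} for the site's tunnel connections."""
    out = set()
    for conn in site.get("connections", []):
        if conn.get("type") != "tunnel":
            continue
        # strict=False normalises host-style values such as 10.1.0.1/24 to 10.1.0.0/24.
        local = ipaddress.ip_network(conn["local_subnet"], strict=False)
        remote = ipaddress.ip_network(conn["remote_subnet"], strict=False)
        out.add((local, remote, conn.get("crypto_proposal")))
    return out

def check_pair(site_a, site_b):
    """Return findings for two sites that are meant to peer with each other."""
    findings = []
    if site_a.get("gateway") == site_b.get("gateway"):
        findings.append("both sites use the same gateway address")
    for here, there in ((site_a, site_b), (site_b, site_a)):
        peer = tunnel_selectors(there)
        for local, remote, proposal in sorted(tunnel_selectors(here), key=str):
            if local.overlaps(remote):
                findings.append(f"{here['name']}: local {local} overlaps remote {remote}")
            # The peer must protect the same traffic in the opposite direction
            # and agree on the proposal, otherwise negotiation fails.
            if (remote, local, proposal) not in peer:
                findings.append(f"{here['name']}: {there['name']} has no mirrored tunnel "
                                f"{remote} -> {local} with proposal {proposal!r}")
    return findings

if __name__ == "__main__":
    site_a, site_b = SAMPLE["sites"]
    for line in check_pair(site_a, site_b) or ["pair is consistent"]:
        print(line)
```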



Decomposed Scenario B: Host-to-Site tunnel 

In this scenario, the initiator (roadwarrior) sends a request to the site gateway (responder), which has a static public IP address (or a dynamic public IP with a static domain name), in order to set up a tunnel between them. After the tunnel is established, the roadwarrior should be able to ping the clients on the other side through the tunnel. The tunnel is authenticated with a pre-shared key.


IPSec CR for Gateway A:

...