All instances on AWS are located behind 1-to-1 NAT, and this affects IPSec negatively. In this case we can use a simple solution with a dummy interface and DNAT rules on VyOS routers.

Set public IP addresses on the dummy interface:

set interfaces dummy dum0 address 'x.x.x.x/32'

Create DNAT rules:

set nat destination rule 20 inbound-interface 'eth0'
set nat destination rule 20 translation address 'x.x.x.x'

Configure L2TP and IPSec:

set vpn ipsec nat-networks allowed-network 0.0.0.0/0
set vpn ipsec ipsec-interfaces interface 'dum0'
set vpn l2tp remote-access outside-address 'x.x.x.x'
set vpn l2tp remote-access client-ip-pool start 192.168.255.1
set vpn l2tp remote-access client-ip-pool stop 192.168.255.254
set vpn l2tp remote-access dns-servers server-1 '1.1.1.1'
set vpn l2tp remote-access ipsec-settings authentication mode pre-shared-secret
set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret <secret>
set vpn l2tp remote-access authentication mode local