OPNsense Forum

Archive => 17.1 Legacy Series => Topic started by: Ulrar on January 21, 2017, 11:17:54 am

Title: IPSec as client
Post by: Ulrar on January 21, 2017, 11:17:54 am
Hi,

I'm trying to connect to a couple of routers using IPsec.
For work, I have control over the other router so I just configured a site to site tunnel and it works fine.
But I have another one I want to connect to, over which I have no control. (I do know there are only two of us using it, so maybe I could talk to the other person and change it, but I'd rather not; it's been working fine for years.)

Here is the config I'm supposed to be using:

Quote
config setup
       plutostart=no

conn %default
       ikelifetime=60m
       keylife=20m
       rekeymargin=3m
       keyingtries=1
       keyexchange=ikev2

conn grifon
       leftid=$utilisateur@<other side>
       leftfirewall=yes
       leftauth=eap-ttls
       right=<other side>
       rightid="C=FR, ...."
       rightsendcert=never
       rightauth=eap
       type=transport
       auto=start
       closeaction=restart

I've been trying to figure out what to put in the web interface to arrive at a config file looking vaguely like this, and I'm starting to think there's just no way.
As for the password, it's supposed to be put in the secrets file in this form:
Quote
$utilisateur@<other side> : EAP "motdepasseutilisateur"

Do you have any tips on how I could connect to this?
I'm supposed to be adding L2TP after that, too.

Thanks