Messages

1

General Discussion / Use aliases in IPsec connections setup

« on: December 14, 2023, 09:51:02 am »

Would it be possible to use aliases to define local and remote subnets in IPSEC connections setup?

2

23.7 Legacy Series / Re: New IPSEC setup with hostname in Remote endpoint and PSK

« on: October 27, 2023, 12:14:09 pm »

I'll try that next week.

Where in the GUI should I use it?

PSK definition or Remote Identity in Connection setup?

3

23.7 Legacy Series / Re: New IPSEC setup with hostname in Remote endpoint and PSK

« on: October 27, 2023, 11:25:44 am »

Can I use DNS type then in the GUI of the new IPSEC?

"If the value has the form <type>:<value> (supported since version 5.2.2), the type and value are explicitly specified:

The following types are known: ipv4, ipv6, ipv4net, ipv6net, ipv4range, ipv6range, rfc822, email, userfqdn, fqdn, dns, asn1dn, asn1gn and keyid. Custom type prefixes may be specified by surrounding the numerical type value with curly brackets."

4

23.7 Legacy Series / Re: New IPSEC setup with hostname in Remote endpoint and PSK

« on: October 27, 2023, 11:03:06 am »

I need it to resolv the hostname from Remote Endpolint and use IP as Remote Identity. Thats how it worked before. I don't see how I can do that now. If I put the hostname in Remote Authentication it does not resolv it and use the IP.

5

23.7 Legacy Series / New IPSEC setup with hostname in Remote endpoint and PSK

« on: October 27, 2023, 10:56:30 am »

How do I configure IPSEC in the new connections with remote endpoint as hostname and Identities as IP addresses?

In the old config I just put hostname in Remote Endpoint and setup PSK and setup Identities to My IP and Remote IP.

How do I configure that in the new IPSEC PSK setup?

6

23.7 Legacy Series / Re: aes128gcm16-aesxcbc-modp2048 missing after 23.7.7 update

« on: October 26, 2023, 09:26:00 pm »

ok, I have not tried to find it in IPSEC new connections before now. Only in legacy IPSEC. I'll update to DH14 I think.

7

23.7 Legacy Series / Re: aes128gcm16-aesxcbc-modp2048 missing after 23.7.7 update

« on: October 26, 2023, 09:10:18 pm »

ok,

Is aes256-sha256-modp1024[DH2] / AES (256 bits) + SHA256 + DH Group 2 not an option with the new connection proposals. I'm having one IPSEC IKEv1 using it.

8

23.7 Legacy Series / Re: aes128gcm16-aesxcbc-modp2048 missing after 23.7.7 update

« on: October 26, 2023, 06:02:07 pm »

It does work now

9

23.7 Legacy Series / Re: aes128gcm16-aesxcbc-modp2048 missing after 23.7.7 update

« on: October 26, 2023, 04:15:11 pm »

Thank you.

10

23.7 Legacy Series / aes128gcm16-aesxcbc-modp2048 missing after 23.7.7 update

« on: October 26, 2023, 12:15:48 pm »

Hi,

After updating to 23.7.7 I can no longer choose aes128gcm16-aesxcbc-modp2048 in new IPSEC Connections Proposals.

11

23.7 Legacy Series / Re: IPSEC Automatically generated rules

« on: October 12, 2023, 11:23:35 am »

Thank you

12

23.7 Legacy Series / IPSEC Automatically generated rules

« on: October 12, 2023, 11:03:54 am »

When using the new IPSEC "connections" Automatically generated rules for IPSEC is no longer created.

13

23.7 Legacy Series / IPSEC IDs setup 2 times in 23.7

« on: August 24, 2023, 12:26:16 pm »

Why do I have to setup the IPSEC local and remote IDs 2 times in 23.7?

In both "Pre-shared Keys" menu and in Authentication section of Connection setup.

14

23.7 Legacy Series / Re: Enable IPSEC in 23.7

« on: August 18, 2023, 09:50:17 am »

sorry - now I seen it...

15

23.7 Legacy Series / Enable IPSEC in 23.7

« on: August 17, 2023, 12:48:34 pm »

In 23.7 the enable IPSEC is still in Tunnel Settings [legacy]. If disabled in legacy the new "Connections" does not start.