Konfiguracja IPSec VPN na BB10 z MT
Konfiguracja na MT
/interface bridge add fast-forward=no name=vpn-bridge /ip ipsec peer profile add dh-group=modp2048 enc-algorithm=aes-256 hash-algorithm=sha256 name=\ profile_1 /ip ipsec proposal add auth-algorithms=sha256,sha1 enc-algorithms=aes-256-cbc,aes-128-cbc name=\ ikev2-proposal pfs-group=modp4096 /ip pool add name=ipsec-pool ranges=192.168.111.2-192.168.111.10 /ip ipsec mode-config add address-pool=ipsec-pool address-prefix-length=32 name=ikev2_cfg \ system-dns=no /ip address add address=192.168.111.1/24 interface=vpn-bridge network=192.168.111.0 /ip firewall nat add action=masquerade chain=srcnat comment="maskarada na vpn" out-interface=\ ether10 src-address=192.168.111.0/24 /ip ipsec peer add address=0.0.0.0/0 exchange-mode=ike2 generate-policy=port-strict \ mode-config=ikev2_cfg passive=yes profile=profile_1 secret=\ haslo /ip ipsec policy add dst-address=192.168.111.0/24 proposal=ikev2-proposal src-address=\ 0.0.0.0/0 template=yes