pfSense – VPN IPSEC entre Endian e pfSense

 

1 – Observações

  • Utilizar no maximo 8 caracteres na Pre-Shared Key
  • Adicionar as regras de firewall na interface IPSEC do pfSense e no SYSTEM ACCESS do Endian

 

2 – Mapeamento das configurações

pfSense   Endian firewall
General Information IPsec settings (Dead Peer Detection)
Key Exchange version IKEv1 Ping delay (in seconds) 30
Internet Protocol IPv4 Timeout interval (in seconds) – IKEv1 only 120
Interface WAN
Remote Gateway 192.168.1.20 Connections
Description VPN-PFSENSE-ENDIA Name * VPNPFSENSE
Connection type Host-to-net
Phase 1 Proposal (Authentication)
Authentication Method Mutual PSK Authentication
Negotiation mode Main Authentication type Password (PSK)
My identifier My ip address Use a pre-shared key SENHA88
Peer identifier Peer IP address Interface Uplink main
Pre-Shared Key SENHA88 Local subnets (only IKEv2 supports multiple subnets) * 192.168.40.0/24
Remote host/IP 192.168.1.3
Phase 1 Proposal (Algorithms) Dead peer detection action Restart
Encryption Algorithm 3DES
Hash Algorithm MD5 Advanced (Internet Key Exchange protocol configuration)
DH Group 5 (1536 bit) IKE encryption 3DES
Lifetime (Seconds) 28800 IKE integrity MD5
IKE group type DH group (1536 bit)
Advanced Options IKE lifetime (hours) 1
NAT Traversal Auto IKE version IKEv1
Dead Peer Detection Habilitado
Delay 10 Encapsulating security payload configuration
Max failures 5 ESP encryption 3DES
ESP integrity MD5
General Information ESP group type DH group (1536 bit)
Mode Tunnel IPv4 ESP lifetime (hours) 8
Local Network Lan subnet Mode config (IKEv1 only) Pull
NAT/BINAT translation None Enabled Habilitado
Remote Network 192.168.40.0/24
Description Endian
Phase 2 Proposal (SA/Key Exchange)
Protocol ESP
Encryption Algorithms 3DES
Hash Algorithms MD5
PFS key group 5 (1536 bit)
Lifetime (Seconds) 3600

 

3 – Configuração no pfSense

 

4 – Configuração Endian Firewall

 

 

5 – .CONF

Endian

 

pfSense

 

Deixe uma resposta