I have installed softEther, But do not know how and where to do the following settings:
VPN Tunnel Endpoint IP address 196.6.103.x
IKE Encryption (DES, 3DES, AES) AES 256
Authentication Method (MD5, SHA) SHA
Diffie-Helman Group (1,2,5) 5
Security Association Lifetime 28800
IPSEC Encryption (DES, 3DES,AES) AES 256
Authentication Method (MD5, SHA) SHA
Diffle-Helman Group (1,2) 2
Security Association Lifetime (Sec) 1800
Perfect Forward Secrecy (Yes, No) Yes
PFS Diffie-Helman Group (1,2,5) 5
Host Ip 196.6.103.x
vpn site to site
-
bschelst
- Posts: 3
- Joined: Mon Aug 08, 2016 6:33 pm
Re: vpn site to site
softether doesn't have S2S like this.
Softether only does a kind of site to site using 2 softether installations. (lan-to-lan they call that)
You need to use for example strongswan/libreswan/openswan/etc to accomplish this type of S2S connection.
Softether only does a kind of site to site using 2 softether installations. (lan-to-lan they call that)
You need to use for example strongswan/libreswan/openswan/etc to accomplish this type of S2S connection.
-
moatazelmasry
- Posts: 336
- Joined: Sat Aug 15, 2015 7:41 pm
Re: vpn site to site
Two things:
1- SoftEther does not have IPSec tunneling mode, only transport mode. Which means you can use IPSec encryption through other tunneling protocol, for example L2TP. I'm working right now on IPSec tunneling mode for SoftEther, but not done yet:
https://github.com/moatazelmasry2/SoftE ... sec-tunnel
2- The current implementation of SoftEther while supporting all the security associations you mentioned, but it indeed does not support S2S communication (AFAIK).
Strongswan has indeed S2S support. Look at the examples here:
https://wiki.strongswan.org/projects/st ... v2Examples
Cheers
1- SoftEther does not have IPSec tunneling mode, only transport mode. Which means you can use IPSec encryption through other tunneling protocol, for example L2TP. I'm working right now on IPSec tunneling mode for SoftEther, but not done yet:
https://github.com/moatazelmasry2/SoftE ... sec-tunnel
2- The current implementation of SoftEther while supporting all the security associations you mentioned, but it indeed does not support S2S communication (AFAIK).
Strongswan has indeed S2S support. Look at the examples here:
https://wiki.strongswan.org/projects/st ... v2Examples
Cheers
-
moatazelmasry
- Posts: 336
- Joined: Sat Aug 15, 2015 7:41 pm
Re: vpn site to site
Sorry, I might have been mistaken. There's a documentation for Site to site SoftEther. But Ihaven't tried it myself.
https://www.softether.org/4-docs/1-manu ... L2_Bridge)
Hope this helps
https://www.softether.org/4-docs/1-manu ... L2_Bridge)
Hope this helps
-
emadoyej@yahoo.com
- Posts: 2
- Joined: Fri Oct 21, 2016 10:49 am
Re: vpn site to site
Thank you very much for your post. I shall try it later today, I would be glad anyhow to get some assistance from you if you have configure a site to site before now. let me know if you can help further. I appreciate. Thanks
-
moatazelmasry
- Posts: 336
- Joined: Sat Aug 15, 2015 7:41 pm
Re: vpn site to site
I can only help you, if you can help yourself first.
Go through the docs, try to solve your task. And if you have specific questions I'll try to help
Go through the docs, try to solve your task. And if you have specific questions I'll try to help
-
thisjun
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: vpn site to site
SoftEther VPN can't be L2TPv3 initiator.