Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Cisco VTI tunnel

    IPsec
    1
    1
    1606
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jzakhar last edited by

      Has anyone gotten a VPN working with a VTI (virtual tunnel interface) ?

      the cisco config looks like:

      crypto isakmp policy 1
      encr 3des
      authentication pre-share
      group 2
      crypto isakmp key ******** address 0.0.0.0 0.0.0.0
      crypto isakmp keepalive 10
      !
      crypto ipsec transform-set TSET esp-3des esp-sha-hmac
      !
      crypto ipsec profile VTI
      set transform-set TSET
      !
      !
      interface Tunnel0
      ip address 192.168.10.2 255.255.255.0
      tunnel source 10.0.149.220
      tunnel destination 10.0.149.221
      tunnel mode ipsec ipv4
      tunnel protection ipsec profile VTI
      !
      interface FastEthernet0/0
      ip address 10.0.149.220 255.255.255.0
      duplex auto
      speed auto
      !
      interface FastEthernet0/1
      ip address 192.168.20.1 255.255.255.0
      duplex auto
      speed auto
      !
      router rip
      version 2
      network 192.168.10.0
      network 192.168.20.0

      The pfsense side would look like (if it were a cisco device)

      crypto isakmp policy 1
      encr 3des
      authentication pre-share
      group 2
      crypto isakmp key ******** address 0.0.0.0 0.0.0.0
      crypto isakmp keepalive 10
      !
      !
      crypto ipsec transform-set TSET esp-3des esp-sha-hmac
      !
      crypto ipsec profile VTI
      set transform-set TSET
      !
      !
      interface Tunnel0
      ip address 192.168.10.1 255.255.255.0
      tunnel source 10.0.149.221
      tunnel destination 10.0.149.220
      tunnel mode ipsec ipv4
      tunnel protection ipsec profile VTI
      !
      interface FastEthernet0/0
      ip address 10.0.149.221 255.255.255.0
      duplex auto
      speed auto
      !
      interface FastEthernet0/1
      ip address 192.168.21.1 255.255.255.0
      duplex auto
      speed auto
      !
      router rip
      version 2
      network 192.168.10.0
      network 192.168.21.0
      !

      could very much use some help here, or any advice what so ever. Not too familiar with pfsense at all.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post

      Products

      • Platform Overview
      • TNSR
      • pfSense
      • Appliances

      Services

      • Training
      • Professional Services

      Support

      • Subscription Plans
      • Contact Support
      • Product Lifecycle
      • Documentation

      News

      • Media Coverage
      • Press
      • Events

      Resources

      • Blog
      • FAQ
      • Find a Partner
      • Resource Library
      • Security Information

      Company

      • About Us
      • Careers
      • Partners
      • Contact Us
      • Legal
      Our Mission

      We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

      Subscribe to our Newsletter

      Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

      © 2021 Rubicon Communications, LLC | Privacy Policy