4. Automatic IPSec Rules

Automatic IPSec Rules

  • B

    I am on 2.1 and I have Disable Auto-added VPN rules unchecked (so VPN rules are being set automatically). I would like to disable the auto rules because I deleted a tunnel, but the other end never deleted theirs and it's flooding the IPSec logs with connection attempts. Plus I'd rather have this explicitly set and noticeable, but the logs flooding has upped the priority.

    So I'm wondering what rules I would have to add to replace the auto-generated ones? I have other tunnels and I don't want to disrupt them so I'd like to put the necessary rules in place before I disable to auto-generated ones.

    Thanks!

    0
  • Rebel Alliance Developer Netgate

    For IPsec, you need to allow:

    • udp/500 (ISAKMP)
    • udp/4500 (NAT-T)
    • ESP

    You need only allow those from your remote IPsec peers and not the world, unless you use mobile IPsec tunnels.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy