BerS Wiki

Инструменты пользователя

Инструменты сайта

Вы посетили:
vpn:mikrotik_ikev2

Различия

Показаны различия между двумя версиями страницы.

Ссылка на это сравнение

Предыдущая версия справа и слеваПредыдущая версия
Следующая версия		Предыдущая версия
vpn:mikrotik_ikev2 [2019/09/19 13:53] bersvpn:mikrotik_ikev2 [2019/09/19 17:17] (текущий) bers
Строка 1: Строка 1:
-===== Configure KeepSolid ikev2 on Mikrotik hap ac2 =====+===== Configure KeepSolid IKEv2 on Mikrotik hap ac2 (RouterOS v6.45 and up) =====
  
 Go to KeepSolid cabinet and generate config IKEv2 for Windows. Go to KeepSolid cabinet and generate config IKEv2 for Windows.
Строка 9: Строка 9:
 {{:vpn:screenshot_20190919_142909.png?400|}} {{:vpn:screenshot_20190919_142909.png?400|}}
  
-Open Mikrotik webfig. Next open Ipsec - Profiles - Add New+Open Mikrotik webfig.  
 + 
 +Open Files and add certificate 
 + 
 +{{:vpn:screenshot_20190919_170226.png?400|}} 
 + 
 +Import your certificate: **System - Certificates - Import** 
 + 
 +{{:vpn:screenshot_20190919_170428.png?400|}} 
 + 
 +Next open **Ipsec - Profiles - Add New**
  
 {{:vpn:screenshot_20190919_143414.png?400|}} {{:vpn:screenshot_20190919_143414.png?400|}}
  
-Next create proposal: Ipsec - Proposals - Add New+Next create proposal: **Ipsec - Proposals - Add New**
  
 {{:vpn:screenshot_20190919_143934.png?400|}} {{:vpn:screenshot_20190919_143934.png?400|}}
  
-Create new group: Ipsec - Groups - Add New+Create new group: **Ipsec - Groups - Add New**
  
 {{:vpn:screenshot_20190919_164217.png?400|}} {{:vpn:screenshot_20190919_164217.png?400|}}
  
-Create ipsec policie: Ipsec - Policies - Add New+Create ipsec policie: **Ipsec - Policies - Add New**
  
 {{:vpn:screenshot_20190919_144210.png?400|}} {{:vpn:screenshot_20190919_144210.png?400|}}
  
-Add mode-config: Ipsec - Mode Configs - Add New+Add mode-config: **Ipsec - Mode Configs - Add New**
  
 {{:vpn:screenshot_20190919_144251.png?400|}} {{:vpn:screenshot_20190919_144251.png?400|}}
  
-Create ipsec peer: Ipsec - Peers - Add New+Create ipsec peer: **Ipsec - Peers - Add New**
  
 {{:vpn:screenshot_20190919_144528.png?400|}} {{:vpn:screenshot_20190919_144528.png?400|}}
  
-Add ipsec identity: Ipsec - Identities - Add New+Add ipsec identity: **Ipsec - Identities - Add New**
  
 {{:vpn:screenshot_20190919_144749.png?400|}} {{:vpn:screenshot_20190919_144749.png?400|}}
  
-Established connections see in Ipsec - Active peers and Ipsec - Installed SAs+Established connections see in **Ipsec - Active peers and Ipsec - Installed SAs** 
 + 
 +To send all traffic to the tunnel create address-list with your local network: **Firewall - Address Lists** 
 + 
 +{{:vpn:screenshot_20190919_145004.png?400|}} 
 + 
 +Assign this list to your mode-config: **Ipsec - Mode Configs - KeepSolid** 
 + 
 +{{:vpn:screenshot_20190919_145024.png?400|}} 
 + 
 +Don't forget to disable Fasttrack in Firewall. 
 + 
 +That's all. 
 + 
 + 
 +=== P.S. Send only needed traffic to the tunnel === 
 + 
 +Create connection-mark: **Ipsec - Mode Configs - Add/Edit** 
 + 
 +{{:vpn:screenshot_20190919_195550.png?400|}} 
 + 
 +Add needed ip to address list: **Firewall - Address Lists - Add New** 
 + 
 +{{:vpn:screenshot_20190919_200016.png?400|}} 
 + 
 +You can add different ip with the same Address List name. 
 + 
 +Create mangle rule: **Firewall - Mangle - Add New** 
 + 
 +{{:vpn:screenshot_20190919_150147.png?400|}} 
 + 
 +{{:vpn:screenshot_20190919_150200.png?400|}} 
 + 
 +If you have enabled **Fasttrack** edit the rule 
 + 
 +{{:vpn:screenshot_20190919_201455.png?400|}}
  
  
vpn/mikrotik_ikev2.1568901237.txt.gz · Последнее изменение: bers
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki