IPsec pfSense & Linksys BEFVP41
Thursday, 24 January 2008

This walkthrough (although not very long) assumes you already have a pfSense firewall system up and running and that its internet connection is working properly. On the other end, you have a Linksys BEFVP41 with a working internet connection.

1. On the pfSense router, log in to the web interface and choose VPN, then IPsec, from the menu.
2. Check the box Enable IPsec if it is not already checked, and click Save.
3. Click on the + (plus) sign near the bottom of the table to add a new tunnel.
4. In the 'Remote Subnet' box put in the network segment on the Linksys BEFVP41's side. If you use the default 192.168.1.1 then enter that and choose / 24 in the drop down.
5. In the 'Remote Gateway' box put the WAN IP address of the Linksys BEFVP41.
6. For a description, enter anything you like; I will use Main Linksys BEFVP41.
7. Negotiation Mode = Aggressive
8. My Identifier = My IP Address (Blank text box)
9. Encryption Algorithm = 3DES
10. Hash Algorithm = SHA1
11. DH Key Group = 2 (2 is 1024bit)
12. Lifetime, I use 3600.
13. Authentication Method, use Pre-Shared Key

Scroll down the page...

14. For Protocol choose ESP
15. Encryption Algorithms = 3DES (Uncheck the rest)
16. Hash Algorithms = SHA1 (uncheck MD5)
17. PFS Key Group, choose 2 (for 1024 bit)
18. Choose 3600 for lifetime seconds.

Click save, and you will be returned to the IPsec page. Click Apply Changes for this part to be complete.

19. Log in to your Linksys BEFVP41 and choose the VPN tab at the top.
20. Click enable this tunnel, and give it a name.
21. The local secure group should be the subnet for the Linksys BEFVP41 side of the network.
22. On the Remote Secure Group choose Subnet, and type in the subnet on the pfSense side of the network... Example:
    pfSense Network: 192.168.100.0 255.255.255.0
    Linksys Network: 192.168.200.0 255.255.255.0
23. In Remote Security Gateway type in the WAN address of the pfSense router.
24. For Encryption, choose 3DES and for Authentication choose SHA1.
25. In Key Management use Auto (IKE).
26. Check the box for PFS.
27. Use the same pre-shared key you used in the pfSense router, and make the lifetime 3600.

Click on the Apply button. When the page reloads click on the Orange Advanced button.

Phase One
----------------
28. Operation Mode = Aggressive Mode
29. Encryption: 3DES; Authentication: SHA; Group: 1024-bit; Lifetime: 3600 seconds.

Phase Two
----------------
30. Group: 1024-bit; Lifetime: 3600 seconds
31. Check the Anti-Replay and Keep Alive box to keep the connection active.

Apply, then Close This Window.

From a computer on the Linksys side, ping a computer on the pfSense side; it may take a second, then data should flow through.
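
Both ends have to agree on the values entered in the steps above, and each side's remote subnet and gateway must mirror the other side's local ones. The sketch below is an added example, not part of the original walkthrough: it compares the two routers' settings and lists the ones that are legacy by current standards. The dictionary layout, function names and WAN addresses are assumptions for illustration; neither router exports its configuration in this form.

```python
import ipaddress

# Constructed sample data: the walkthrough's example subnets and settings.
# WAN addresses are documentation-range placeholders, not values from the page.
P1 = {"mode": "aggressive", "enc": "3des", "hash": "sha1", "dh_group": 2, "lifetime": 3600}
P2 = {"enc": "3des", "hash": "sha1", "pfs_group": 2, "lifetime": 3600}
PFSENSE = {"name": "pfSense", "wan_ip": "203.0.113.10", "remote_gateway": "198.51.100.20",
           "local_subnet": "192.168.100.0/255.255.255.0",
           "remote_subnet": "192.168.200.0/255.255.255.0", "p1": dict(P1), "p2": dict(P2)}
LINKSYS = {"name": "Linksys", "wan_ip": "198.51.100.20", "remote_gateway": "203.0.113.10",
           "local_subnet": "192.168.200.0/255.255.255.0",
           "remote_subnet": "192.168.100.0/255.255.255.0", "p1": dict(P1), "p2": dict(P2)}

# Values the walkthrough uses that are legacy by current standards.
LEGACY = {("mode", "aggressive"), ("enc", "3des"), ("hash", "sha1"),
          ("dh_group", 2), ("pfs_group", 2)}

def net(text):
    # Accepts "a.b.c.d/255.255.255.0" or "a.b.c.d/24"; host bits are masked off,
    # so 192.168.1.1/24 and 192.168.1.0/24 compare equal.
    return ipaddress.ip_network(text, strict=False)

def compare(a, b):
    """Return a list of mismatches between the two endpoints' settings."""
    problems = []
    for x, y in ((a, b), (b, a)):
        if net(x["local_subnet"]) != net(y["remote_subnet"]):
            problems.append(f"{y['name']} remote subnet != {x['name']} local subnet")
        if x["wan_ip"] != y["remote_gateway"]:
            problems.append(f"{y['name']} remote gateway != {x['name']} WAN IP")
    if net(a["local_subnet"]).overlaps(net(b["local_subnet"])):
        problems.append("LAN subnets overlap")
    for phase in ("p1", "p2"):
        for key, value in a[phase].items():
            if b[phase].get(key) != value:
                problems.append(f"{phase} {key}: {value} vs {b[phase].get(key)}")
    return problems

def legacy_settings(cfg):
    """List the endpoint's settings that appear in LEGACY, as 'phase.key=value'."""
    return sorted(f"{ph}.{k}={v}" for ph in ("p1", "p2")
                  for k, v in cfg[ph].items() if (k, v) in LEGACY)

if __name__ == "__main__":
    print(compare(PFSENSE, LINKSYS) or "settings match")
    print("legacy:", ", ".join(legacy_settings(PFSENSE)))
```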