[Part 1] Mikrotik ikev2/RSA vpn server per clients windows i android natius, strongSwan (opcional)

Описание к видео [Part 1] Mikrotik ikev2/RSA vpn server per clients windows i android natius, strongSwan (opcional)

Configuració d'un router mikrotik com a servidor ikev2 amb clients natius windows 10 i android (PART 1)

Text del video:
Configurar un servidor mikrotik amb ikev2 / Clients android,windows10

PAS3: IPSEC
#ipsec / mode-config
/ip ipsec mode-config add address-pool=ike2-pool address-prefix-length=32 name=ike2

#ipsec / profile
/ip ipsec profile add enc-algorithm=aes-256 hash-algorithm=sha256 name=ike2

#ipsec / policy / group
/ip ipsec policy group add name=ike2-grup

#ipsec / proposal
/ip ipsec proposal add auth-algorithms=sha256,sha1 enc-algorithms=aes-256-cbc lifetime=8h \
name=ike2-proposal pfs-group=none

#ipsec / policies
/ip ipsec policy group add name=ike2-grup
/ip ipsec policy add group=ike2-grup proposal=ike2-proposal template=yes

#ipsec / peer
/ip ipsec peer add exchange-mode=ike2 name=ike2-peer passive=yes profile=ike2

#ipsec / identities
/ip ipsec identity add auth-method=digital-signature certificate=SERVIDOR generate-policy=port-strict \
match-by=certificate mode-config=ike2 peer=ike2-peer policy-template-group=ike2-grup \
remote-certificate=client1 remote-id=ignore

PAS4: FIREWALL & NAT
Accepta ports UDP 500 i 4500 (ikev2)
Accepta input ipsec-policy 100.100.100.0/24
Accepta forward ipsec-policy 100.100.100.0/24

PAS5: Client Windows 10
Instal·lar certificat CA a "equipo local"
Instal·lar certificat usuari a "equipo local"

Комментарии

Информация по комментариям в разработке

Похожие видео