I'm having a problem understanding what I need to configure in the RB.
For a start, what are Phase 1 and Phase 2?
This is the config that I have on his router.
This is all he gave me.
Phase 1
IP address:1.2.3.4
Mode: aggressive
Accept peer-id: center
Authentication method: pre-shared key
Pre-shared key: 123456789
IKE version: 1
Encryption: AES128
Authentication: SHA1
DH group: 5
Keylife: 28800 seconds
Local ID: cente
Xauth: disable
NAT traversal: enable
Keepalive frequency: 10 seconds
Dead peer detection: enable
Phase 2
Encryption: AES128
Authentication: SHA1
Replay detection: enable
PFS: enable
DH group: 5
Keylife: 1800 seconds
Autokey keep alive: enable
Quick mode selector source: 199.10.10.0/24
Quick mode selector destination: 172.27.63.0/24
Now, on my side, this is what I have:
Code:
/ip ipsec proposal
add enc-algorithms=aes-128 name=proposal1 pfs-group=modp1536
/ip ipsec peer
add address=1.2.3.4/32 dh-group=modp1536 dpd-interval=10s \
enc-algorithm=aes-128 exchange-mode=aggressive hash-algorithm=sha1 \
lifetime=8h nat-traversal=yes proposal-check=claim secret=\
123456789
/ip ipsec policy
add dst-address=199.10.10.0/24 proposal=proposal1 sa-dst-address=\
1.2.3.4 sa-src-address=12.13.14.15 src-address=192.168.63.0/24 \
tunnel=yes
Code:
/ip firewall nat
add action=masquerade chain=srcnat comment=OUT
add chain=srcnat dst-address=199.10.0.0/16 src-address=192.168.63.0/24
My computer is 192.168.63.12.
The computer on the other side is 199.10.10.3.
Any help will do.
Thanks,
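Added example, not part of the original post: a short Python check that parses the RouterOS export above, compares it with the remote side's Phase 1/Phase 2 sheet, and reports where the two do not line up. The `REMOTE` key names and the function names are illustrative; the values are copied from the post, with the peer entry trimmed to the fields compared.

```python
import ipaddress
import re

# Values copied from the post; REMOTE key names are illustrative, peer entry trimmed.
REMOTE = {"dh_group": 5,
          "sel_src": "199.10.10.0/24", "sel_dst": "172.27.63.0/24"}
ROUTEROS = r"""
/ip ipsec peer
add address=1.2.3.4/32 dh-group=modp1536 exchange-mode=aggressive lifetime=8h
/ip ipsec policy
add dst-address=199.10.10.0/24 proposal=proposal1 sa-dst-address=\
1.2.3.4 sa-src-address=12.13.14.15 src-address=192.168.63.0/24 \
tunnel=yes
/ip firewall nat
add action=masquerade chain=srcnat comment=OUT
add chain=srcnat dst-address=199.10.0.0/16 src-address=192.168.63.0/24
"""
MODP_BITS = {1: 768, 2: 1024, 5: 1536, 14: 2048}  # IKE DH group -> MODP size

def parse_export(text):
    """Return {menu path: [one dict per 'add' line]} for a RouterOS export."""
    text = re.sub(r"\\\n\s*", "", text)  # join backslash line continuations
    menus, path = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("/"):
            path = line
        elif line.startswith("add ") and path:
            pairs = (kv.split("=", 1) for kv in line[4:].split())
            menus.setdefault(path, []).append(dict(pairs))
    return menus

def check(remote, cfg):
    """List mismatches between the remote sheet and the local export."""
    peer, pol = cfg["/ip ipsec peer"][0], cfg["/ip ipsec policy"][0]
    out, nat = [], cfg["/ip firewall nat"]
    if peer["dh-group"] != f"modp{MODP_BITS[remote['dh_group']]}":
        out.append("phase1: DH group differs")
    # Phase 2 selectors must mirror: local src == remote dst, local dst == remote src.
    for mine, theirs in (("src-address", "sel_dst"), ("dst-address", "sel_src")):
        if ipaddress.ip_network(pol[mine]) != ipaddress.ip_network(remote[theirs]):
            out.append(f"phase2: local {mine} {pol[mine]} != remote {remote[theirs]}")
    # srcnat is first-match: rules below a masquerade with no matchers never fire.
    for i, rule in enumerate(nat):
        bare = not set(rule) - {"action", "chain", "comment"}
        if rule.get("action") == "masquerade" and bare and nat[i + 1:]:
            out.append(f"nat: rule {i} masquerades everything before later rules")
    return out
```

In RouterOS, srcnat is applied before the IPsec policy lookup, so a packet that has already been masqueraded no longer carries the `src-address` the policy matches on.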