IPSec Configuration

focmin93 · 10 November 2020 13:28

Hi there,

just a quick question for help. Could you please tell me how to realise the configuration shown in the picture on a ipfire?

Thanks in andvance

Andre Conf.

jjdoran · 10 November 2020 18:44

Hi,

Enable ipsec, and add the config as per the link below.

you would need to use passphrase or keys depending on that you use at the other end.

Joe

pike_it · 10 November 2020 20:09

I suggest @focmin93 to not use 3DES as cypher.

focmin93 · 12 November 2020 14:47

Ok thanks for your anwers. But I didn’t managed it.
Does anybody have a howto to connect a ipfire with an Sonicwall?

Andre

pike_it · 12 November 2020 17:43

Have you the chance to change settings on SonicWall?

focmin93 · 12 November 2020 17:57

Hi,

Yes it would be possible.

pike_it · 12 November 2020 20:03

Try an IKEv1 setup. AES 128 bit, SHA1, DH2.
Double check always on both side the correspondence of the parameters.

focmin93 · 18 November 2020 14:31

Hi Pike,

thanks for you hint this works fine.
But does anyone know why the other configurations doesn’t work?

I think this is the lowest configuration. If possible I would like to make it more safe.

arne_f · 18 November 2020 15:09

Its because some products use different 3DES encryptions. 3DES is not full standardized. This is also stated in the last paragraph of the already linked wiki page:

Also 3DES and SHA1 are also known to be broken/weak and should not used anymore.

pike_it · 18 November 2020 18:34

You can “roll back” to previous configuration and go through the logs.