Welcome to the IPFire Wiki

This wiki is a community-maintained resource about everything there is to know about IPFire. Join us and help us improving it!

Looking for something?

Use the search and find answers to everything about IPFire. If you cannot find what you are looking for, join our community and talk to fellow IPFire users, developers and everybody else involved in the project.

IPFire Community

VPN IPsec using IPFire and Lancom

Requirements

  • Static IP on both sites
  • if you don't have a static IP then you have to use dynamic dns
  • newest ipFire version and actual Lancom firmware

Configuration ipFire

Activate IPsec and add the ipFire WAN IP. If you´re behind a NAT Router, then use %defaultroute

None

Add a new connection and use Net2Net VPN

Choose a name for this connection, add the remote WAN IP, define your local and your remote ID and add the remote subnet. Check advanced settings! and generate a strong PreSharedKey. Save your settings.

None

Use the proposal settings that you see in the picture and save!

None

Configuration Lancom

Activate the VPN module. If the ipFire or the Lancom is behind NAT then activate NAT-Traversal. Choose "collective" for KeepAlive.

None

Go to IKE/IPsec -> IPSec-Proposals and define a Phase2 Proposal:

None

Go to IPSec-Proposal-Lists and add your new Phase2 Proposal:

None

Go to IKE-Keys & Identities and add a new ID.

None

Go to IKE-Proposals and define a Phase1 Proposal:

None

Go to IKE-Proposal-Lists and add your new Phase1 Proposal:

None

Go to Connections-Parameters and add your settings:

None

Go to Cennections-Lists and add a new conneciton:

None

Go to IP-Router -> Routing -> IPv4 Routing-Table and add a route to your ipFire LAN (green):

None

Save your settings and enjoy your new VPN Site-to-Site connection

Edit Page ‐ Yes, you can edit!

Older Revisions • November 5 at 10:15 am • Michael Tremer