...
GET /cgi-bin/luci/sdewan/ipsec/v1/sites
    [
      {
        "name": "siteA",
        "gateway": "192.168.1.10",
        "crypto_proposal": "proposal1",
        "connections": [
          {
            "type": "tunnel",
            "local_subnet": "10.1.0.1/24",
            "remote_subnet": "10.2.0.1/24",
            "crypto_proposal": "proposal1"
          }
        ]
      },
      {
        "name": "siteB",
        "gateway": "192.168.1.11",
        "crypto_proposal": "proposal1",
        "connections": [
          {
            "type": "tunnel",
            "local_subnet": "10.2.0.1/24",
            "remote_subnet": "10.1.0.1/24",
            "crypto_proposal": "proposal1"
          }
        ]
      }
    ]
Decomposed Scenario B: Host-to-Site tunnel
In this scenario, the initiator sends a request to the site gateway (the responder), which has a static public IP address (or a dynamic public IP with a static domain name), in order to set up a tunnel between them. After the tunnel is established, the roadwarrior should be able to ping the clients on the other side through the tunnel. The tunnel is authenticated with a pre-shared key.
IPSec CR for Gateway A:
...