Page MenuHomePhabricator

L2TPv3 over IPSEC configuration where one of the sites is using a Dynamic IP address
Closed, ResolvedPublic

Asked by syncer on Feb 6 2017, 8:32 PM.

Details

@emartel wrote:

Can you point me to a valid L2TPv3 over IPSEC configuration where one of the sites is using a Dynamic IP address?

I don't know how to configure the "set interfaces l2tpv3 l2tpeth0 local-ip X.X.X.X". The command is mandatory and does not accept "any" like the IPSEC config does.

FYI: I configured the IPSEC as follows:

site-to-site {

peer 192.168.2.22 {
    authentication {
        id @lanino
        mode pre-shared-secret
        pre-shared-secret ****************
    }
    connection-type initiate
    ike-group IKE-1
    ikev2-reauth inherit
    local-address any
    tunnel 1 {
        allow-nat-networks disable
        allow-public-networks disable
        esp-group ESP-1
        local {
        }
        protocol 115
        remote {
        }
    }
}

Answers

syncer
Updated 1,114 Days Ago

@dmbaturin wrote:
If one side has dynamic address, you can use the same approach as described here: https://wiki.vyos.net/wiki/GRE/IPsec#Setup_option_.232:_sourcing_the_tunnel_from_loopbacks

New Answer

Answer

This question has been marked as closed, but you can still leave a new answer.