


ATTENTION: Do not change the VPN configuration through the GUI after adding your own custom modifications through the CLI. Doing so will reset all settings back to the defaults.

If enabled previously, the Automatic Firewall/NAT checkbox adds the following rules to the iptables firewall in the background:

UBNT_VPN_IPSEC_FW_HOOK: Allow UDP port 500 (IKE), UDP port 4500 (NAT-T) and ESP in the local direction.
UBNT_VPN_IPSEC_FW_IN_HOOK: Allow IPsec traffic from the remote subnet to the local subnet in the local and inbound direction.
UBNT_VPN_IPSEC_SNAT_HOOK: Exclude all traffic from the local subnet to the remote subnet from NAT.

You can verify these firewall and NAT rules by running the following commands on both routers:

sudo iptables -L -v -n

Chain UBNT_VPN_IPSEC_FW_HOOK (1 references)

Add firewall rules that allow IKE and ESP in the local direction.

set firewall name WAN_LOCAL rule 30 action accept
set firewall name WAN_LOCAL rule 30 description ike
set firewall name WAN_LOCAL rule 30 destination port 500
set firewall name WAN_LOCAL rule 30 log disable
set firewall name WAN_LOCAL rule 30 protocol udp
set firewall name WAN_LOCAL rule 40 action accept
set firewall name WAN_LOCAL rule 40 description esp
set firewall name WAN_LOCAL rule 40 log disable
set firewall name WAN_LOCAL rule 40 protocol esp
set firewall name WAN_LOCAL rule 50 action accept
set firewall name WAN_LOCAL rule 50 description nat-t
set firewall name WAN_LOCAL rule 50 destination port 4500
set firewall name WAN_LOCAL rule 50 protocol udp
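
An accept rule in WAN_LOCAL that is missing its protocol and port lines matches far more than IPsec traffic, so it is worth checking a rule set before committing it. The Python sketch below is an added example, not code from the original page or from Ubiquiti: it parses set firewall commands like the ones above and reports accept rules without a protocol match as well as any of IKE, NAT-T and ESP left uncovered. The function names and the sample configuration are constructed for this example.

```python
import re

# Traffic the page says must be accepted in the local direction:
# IKE (UDP 500), NAT-T (UDP 4500) and ESP.
REQUIRED = {"ike": ("udp", "500"), "nat-t": ("udp", "4500"), "esp": ("esp", None)}
SET_RE = re.compile(r"^set firewall name (\S+) rule (\d+) (.+)$")

def parse_rules(config, ruleset="WAN_LOCAL"):
    """Collect 'set firewall name <ruleset> rule <n> ...' lines into {n: {key: value}}."""
    rules = {}
    for line in config.splitlines():
        m = SET_RE.match(line.strip())
        if not m or m.group(1) != ruleset:
            continue
        # The last word is the value, everything before it is the key.
        key, _, value = m.group(3).rpartition(" ")
        rules.setdefault(int(m.group(2)), {})[key] = value
    return rules

def audit(rules):
    """Return findings: accept rules lacking a protocol match, and uncovered IPsec traffic."""
    findings, covered = [], set()
    for num, rule in sorted(rules.items()):
        if rule.get("action") != "accept":
            continue
        match = (rule.get("protocol"), rule.get("destination port"))
        if match[0] is None:
            findings.append(f"rule {num}: accept without a protocol match")
        covered.add(match)
    for name, want in REQUIRED.items():
        if want not in covered:
            findings.append(f"missing accept rule for {name}")
    return findings

# Constructed sample: rules 30 and 40 are complete, rule 50 lacks its match lines.
SAMPLE = """\
set firewall name WAN_LOCAL rule 30 action accept
set firewall name WAN_LOCAL rule 30 description ike
set firewall name WAN_LOCAL rule 30 destination port 500
set firewall name WAN_LOCAL rule 30 protocol udp
set firewall name WAN_LOCAL rule 40 action accept
set firewall name WAN_LOCAL rule 40 description esp
set firewall name WAN_LOCAL rule 40 protocol esp
set firewall name WAN_LOCAL rule 50 action accept
set firewall name WAN_LOCAL rule 50 description nat-t
"""

if __name__ == "__main__":
    for finding in audit(parse_rules(SAMPLE)):
        print(finding)
```

The check only looks at protocol and destination port, so a rule restricted by other criteria (for example a source address) is still reported and needs a manual look.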
