- (v12.6.1)
Site-to-Site Server
Site-to-Site Client
1
[[Datei: ]]
2
3
[[Datei: ]] | |||
Name: | S2S-server | ||
| |||
Port: | 1194 | ||
| |||
| |||
4
[[Datei: ]] | |||
| |||
| |||
| |||
5
[[Datei: ]] | |||
Name: | S2S-client | ||
| |||
| |||
S2S Server
[[Datei: ]] | |||
Name: | S2S-Server | ||
| |||
Modus: | SERVER | ||
| |||
Port: | 1194 | ||
| |||
| |||
| |||
| |||
| |||
| |||
| |||
IPv4 : | 192.168.190.0/24 | ||
IPv6 : | /64 | ||
| |||
Search Domain: | |||
Renegotiation: | (Default) |
||
[[Datei: ]] | |||
MTU: | 1500 | ||
| |||
| |||
| |||
Multihome: | |||
| |||
LZO: | |||
| |||
Pass TOS: | |||
| |||
| |||
| |||
| |||
| |||
| |||
UTMVPN [[Datei: ]]
UTMVPNSSL-VPN [[Datei: ]]
[[Datei: ]]
[[Datei: ]] | |||
Name: | sslvpn-S2S-Client-Network | ||
| |||
| |||
Zone: | |||
| |||
[[Datei: ]]
# | NAT | ||||||||
4 | sslvpn-S2S-client-network | internal-network | default-internet | Accept | |||||
5 | internal-network | sslvpn-S2S-client-network | default-internet | Accept |
Routen
[[Datei: ]] | |||
| |||
| |||
' ' route set id <ID> flags BLACKHOLE_IF_OFFLINE 12.6.2
|
1
[[Datei: ]]
2
3
[[Datei: ]] | |||
Name: | S2S-client | ||
| |||
| |||
4
5
S2S Client
[[Datei: ]] | |||
Name: | S2S-client | ||
| |||
Modus: | CLIENT | ||
| |||
| |||
| |||
| |||
| |||
| |||
| |||
Renegotiation: | (Default) |
||
[[Datei: ]] | |||
MTU: | 1500 | ||
LZO: | |||
| |||
Pass TOS: | |||
| |||
| |||
| |||
| |||
| |||
| |||
S2S Client
S2S Client
S2S Client
[[Datei: ]] | |||
Name: | sslvpn-S2S-Server-Network | ||
| |||
| |||
Zone: | |||
| |||
S2S Client
[[Datei: ]]
# | NAT | ||||||||
5 | internal-network | sslvpn-S2S-server-network | default-internet | Accept | |||||
4 | sslvpn-S2S-server-network | internal-network | default-internet | Accept |
S2S Client Routen
[[Datei: ]] | |||
| |||
| |||
' ' route set id <ID> flags BLACKHOLE_IF_OFFLINE 12.6.2
|
Multipath
openvpn get openvpn set id $ID_DES_TUNNELS local_addr $IP_DES_INTERFACES
UTMHTTP-Proxy | |
| |
| |
| |
| |
'
extc- | ||
---|---|---|
CONNECTION_RATE_LIMIT_TCP | 0 | |
CONNECTION_RATE_LIMIT_TCP_PORTS | ||
CONNECTION_RATE_LIMIT_UDP | 20 / 0 |
|
CONNECTION_RATE_LIMIT_UDP_PORTS |
extc value get application securepoint_firewall spcli extc value get application securepoint_firewall | grep RATE |
application |variable |value --------------------+-------------------------------+----- securepoint_firewall |… |… |CONNECTION_RATE_LIMIT_TCP |0 |CONNECTION_RATE_LIMIT_TCP_PORTS| |CONNECTION_RATE_LIMIT_UDP |20 |CONNECTION_RATE_LIMIT_UDP_PORTS| |
extc value set application securepoint_firewall variable CONNECTION_RATE_LIMIT_TCP value 20 system update rule |
|
extc value set application securepoint_firewall variable CONNECTION_RATE_LIMIT_TCP value 0 system update rule |
|
extc value set application securepoint_firewall variable CONNECTION_RATE_LIMIT_TCP_PORTS value [ 443 11115 ] system update rule |
|
extc value set application securepoint_firewall variable CONNECTION_RATE_LIMIT_TCP_PORTS value [ ] system update rule |
|
extc value set application securepoint_firewall variable CONNECTION_RATE_LIMIT_UDP value 20 system update rule |
|
extc value set application securepoint_firewall variable CONNECTION_RATE_LIMIT_UDP value 0 system update rule |
|
extc value set application securepoint_firewall variable CONNECTION_RATE_LIMIT_UDP_PORTS value [ 1194 1195 ] system update rule |
|
extc value set application securepoint_firewall variable CONNECTION_RATE_LIMIT_UDP_PORTS value [ ] system update rule |
|
extc value set application securepoint_firewall variable CONNECTION_RATE_LIMIT_TCP value 20 |