Outils pour utilisateurs

Outils du site


mikrotikcompletestaging:mikrotik_complete_staging

Différences

Ci-dessous, les différences entre deux révisions de la page.

Lien vers cette vue comparative

Les deux révisions précédentes Révision précédente
mikrotikcompletestaging:mikrotik_complete_staging [2020/09/21 14:29]
ghusson
mikrotikcompletestaging:mikrotik_complete_staging [2020/09/22 17:30]
ghusson
Ligne 882: Ligne 882:
   add action=accept chain=input comment="​Allow IPIP connections from clients"​ protocol=ipencap disabled=yes   add action=accept chain=input comment="​Allow IPIP connections from clients"​ protocol=ipencap disabled=yes
   add action=accept chain=input comment="​Allow IPSec connections from clients (IKE)" dst-port=500 protocol=udp disabled=yes   add action=accept chain=input comment="​Allow IPSec connections from clients (IKE)" dst-port=500 protocol=udp disabled=yes
 +  add action=accept chain=input comment="​Allow IPSec connections from clients (IKE2/nat traversal)"​ protocol=udp disabled=yes
   add action=accept chain=input comment="​Allow IPSec connections from clients (ESP)" protocol=ipsec-esp disabled=yes   add action=accept chain=input comment="​Allow IPSec connections from clients (ESP)" protocol=ipsec-esp disabled=yes
   add action=accept chain=input comment="​Allow IPSec connections from clients (AH)" protocol=ipsec-ah disabled=yes   add action=accept chain=input comment="​Allow IPSec connections from clients (AH)" protocol=ipsec-ah disabled=yes
Ligne 931: Ligne 932:
   add action=accept chain=output comment="​Allow IPIP connections from firewall"​ protocol=ipencap disabled=yes   add action=accept chain=output comment="​Allow IPIP connections from firewall"​ protocol=ipencap disabled=yes
   add action=accept chain=output comment="​Allow IPSec connections from firewall (IKE)" dst-port=500 protocol=udp disabled=yes   add action=accept chain=output comment="​Allow IPSec connections from firewall (IKE)" dst-port=500 protocol=udp disabled=yes
 +  add action=accept chain=output comment="​Allow IPSec connections from firewall (IKE2/nat traversal)"​ dst-port=4500 protocol=udp disabled=yes
   add action=accept chain=output comment="​Allow IPSec connections from firewall (ESP)" protocol=ipsec-esp disabled=yes   add action=accept chain=output comment="​Allow IPSec connections from firewall (ESP)" protocol=ipsec-esp disabled=yes
   add action=accept chain=output comment="​Allow IPSec connections from firewall (AH)" protocol=ipsec-ah disabled=yes   add action=accept chain=output comment="​Allow IPSec connections from firewall (AH)" protocol=ipsec-ah disabled=yes
mikrotikcompletestaging/mikrotik_complete_staging.txt · Dernière modification: 2020/09/22 17:30 par ghusson