# ClearOS

Notes on various things configured on a ClearOS firewall.


# IPsec tunnel with pfSense

Public IPs have been replaced with `x.x.x.x`.

# ClearOS Config

```
# ipsec --version
Linux Libreswan 3.23 (netkey) on 3.10.0-693.17.1.v7.x86_64
```

```
# cat /etc/ipsec.d/ipsec.unmanaged.mytunnel.conf
conn mytunnel
 keyexchange=ike
 fragmentation=yes
 rekey=yes
 type=tunnel
 dpdaction=restart
 dpdtimeout=60s
 dpddelay=10s
 auto=start
 left=x.x.x.x
 leftsubnet=192.168.50.0/24
 right=mytunnel.blasteh.uk
 rightid=@mytunnel.blasteh.uk
 rightsubnet=192.168.10.0/24
 ikelifetime=28800s
 lifetime=3600s
 ikev2=insist
 ike=aes256-sha2;dh14
 esp=aes256-sha2;dh14
 leftauth=secret
 rightauth=secret
```

`left` is the ClearOS firewall's public IP.

`leftsubnet` is the local subnet that will be passed through the tunnel.

`right` is my pfSense box on the other side of the tunnel.

`rightsubnet` is the remote subnet that will be accessible through this tunnel.

```
# cat /etc/ipsec.d/ipsec.unmanaged.mytunnel.secrets
x.x.x.x @mytunnel.blasteh.uk : PSK "mysecretkey"
```
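
The remote gateway has to mirror the `conn` block above: the same proposals and lifetimes, with left and right swapped. The following is an added example, not part of the original notes, that parses a subset of that block and derives the peer-side values; the function names and the alias table (`sha2` read as `sha2_256`, `dh14` as `modp2048`) are assumptions of this example.

```python
# Subset of the conn block from this page (public IP already shown as x.x.x.x).
CONF = """\
conn mytunnel
 left=x.x.x.x
 leftsubnet=192.168.50.0/24
 right=mytunnel.blasteh.uk
 rightid=@mytunnel.blasteh.uk
 rightsubnet=192.168.10.0/24
 ikelifetime=28800s
 lifetime=3600s
 ikev2=insist
 ike=aes256-sha2;dh14
 esp=aes256-sha2;dh14
"""

# Libreswan shorthand -> the longer names other IKE implementations display.
ALIASES = {"sha2": "sha2_256", "dh14": "modp2048"}

def parse_conn(text):
    """Return {conn_name: {option: value}} for an ipsec.conf-style fragment."""
    conns, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()      # drop comments
        if not line.strip():
            continue
        if not raw[0].isspace():                  # unindented: section header
            kind, _, name = line.partition(" ")
            current = conns.setdefault(name.strip(), {}) if kind == "conn" else None
        elif current is not None and "=" in line:  # indented: option=value
            key, _, value = line.strip().partition("=")
            current[key.strip()] = value.strip()
    return conns

def proposal(spec):
    """Split 'aes256-sha2;dh14' into (encryption, integrity, dh_group)."""
    algs, _, dh = spec.partition(";")
    enc, _, integ = algs.partition("-")
    return enc, ALIASES.get(integ, integ), ALIASES.get(dh, dh)

def peer_view(conn):
    """Settings the remote gateway needs: same crypto, left/right swapped."""
    return {
        "ike_version": 2 if conn.get("ikev2") == "insist" else None,
        "phase1": proposal(conn["ike"]), "phase1_lifetime": int(conn["ikelifetime"].rstrip("s")),
        "phase2": proposal(conn["esp"]), "phase2_lifetime": int(conn["lifetime"].rstrip("s")),
        "local_subnet": conn["rightsubnet"], "remote_subnet": conn["leftsubnet"],
        "remote_gateway": conn["left"], "local_id": conn["rightid"].lstrip("@"),
    }
```

Calling `peer_view(parse_conn(CONF)["mytunnel"])` gives the values to compare against the Phase 1 and Phase 2 settings on the other end; a mismatch in any of them is a common reason a tunnel fails to establish.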

# pfSense Config

```
2.4.4-RELEASE-p1 (amd64)
built on Mon Nov 26 11:40:26 EST 2018
FreeBSD 11.2-RELEASE-p4
```

# Phase 1

# Phase 2

Last Updated: 2021/03/31 12:28+00:00