This guide outlines the steps required to establish a secure IPsec connection between Timus and Meter. Follow the configurations below to ensure a successful connection.
Timus Configuration:
Follow the guide below for an example setup. Configure the following settings:
Phase 1 (Parameters):
Here is how you can configure Parameters for Phase 1 configurations on Timus
- Local Peer Identifier: Timus_Gateway_Public_IP
- Remote Peer Identifier: Meter_Public_IP
- Key Exchange Type: IKEv2
- Preshared Key: Your Preshared Key
- Authentication Algorithm: SHA256
- Encryption Algorithm: AES256
- DH Group: modp2048(14)
- Mode: Main
Phase 1 (Miscellaneous):
Here is how you can configure Miscellaneous for Phase 1 configurations on Timus
- Responder Only: False
- Margin Time: 60 seconds
- Lifetime: 28800 seconds
- Dead Peer Detection (DPD): Disabled
- DPD Delay: 10 seconds
- DPD Max Failure: 5
- NAT Traversal: Disabled
Phase 2 for Timus:
Refer to to the below image for Phase 2 setup. Use these configurations:
- Authentication Algorithm: SHA256
- Encryption Algorithm: AES256
- Protocol: ESP
- Perfect Forward Secrecy (PFS): Enabled
- PFS Group: modp2048(14)
- Lifetime: 3600 seconds
- Tunnel Protocol: ALL
Meter Configuration:
To add an IPsec VPN tunnel, log into the Dashboard and click Secure Tunnels > IPSec > ‘Add IPSec Tunnel’.
Meter provides Phase 1 and Phase 2 configurations into a single panel.
- Local IP or FQDN: Meter WAN Public IP
- Remote IP or FQDN: Timus Gateway Public IP
- Initiator: Timus Gateway Public IP
- Authentication Algorithm: SHA2_256_128 HMAC (128 bit)
- Encryption Algorithm: 256 bit AES-COUNTER
- DH Group: 14
- Preshared Key: Your Preshared Key
- Remote Networks: Add the subnets from Timus. (In this case, 192.168.249.0/24)
- Local Networks: Specify the Meter local subnets.
- Bound WAN Port: Your ISP
Once all configurations are applied, the IPsec connection between Timus and Meter should be successfully established. Follow this guide step by step, referencing the provided images as needed.
Note on Static Routing and Firewall Rules
Static routing rules and firewall access rules are automatically configured by default. However, if this option is not enabled or does not occur automatically, these rules must be created manually to ensure proper communication between Timus and Meter.
0 comments
Please sign in to leave a comment.