#acl All:read #lang en <> = IPSEC site to site VPN = {{{ configure edit vpn ipsec # Fase 1 set ike-group unifi key-exchange ikev2 set ike-group unifi lifetime 14400 set ike-group unifi proposal 1 dh-group 14 set ike-group unifi proposal 1 encryption aes128 set ike-group unifi proposal 1 hash sha1 # Fase 2 set esp-group unifi compression disable set esp-group unifi lifetime 14400 set esp-group unifi mode tunnel set esp-group unifi pfs dh-group14 set esp-group unifi proposal 1 encryption aes128 set esp-group unifi proposal 1 hash sha1 # IPSEC VPN # ToDo }}} = Unifi on FreeBSD = == Install == {{{ pkg install unifi5 }}} Edit ''/etc/rc.conf'' {{{ unifi_enable="YES" }}} Keep in mind that Unifi uses the mongodb package, but run it by it's own, on a different port. So you don't have to start mongodb at boot time. = KPN/XS4All = {{{ root@router:~# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 pppoe2 10.40.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 10.40.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1.1010 10.162.80.0 0.0.0.0 255.255.240.0 U 0 0 0 eth0.4 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 194.109.5.227 0.0.0.0 255.255.255.255 UH 0 0 0 pppoe2 213.75.112.0 10.162.80.1 255.255.248.0 UG 0 0 0 eth0.4 }}} = Links = * [[https://freetime.mikeconnelly.com/archives/6373]] * [[https://robpickering.com/working-around-incomplete-ubiquiti-unifi-security-gateway-dns-service/]]