Enable IPSec UDP ports for all hosts behind firewall
Hi All,
I'm trying to make IPSec work in a hybrid environment (home network/cloud); here is the original problem:
https://forums.rancher.com/t/hybrid-cloud-home-network/6646/3
I upgraded my router to FVS318Gv2, but it still doesn't seem to be working (the same symptoms). Do I need to enable anything to make it work, or does this model not support this config at all?
Cheers,
D
Re: Enable IPSec UDP ports for all hosts behind firewall
Hi zeppelinux,
Welcome to our community!
Please help us understand the problem that you were having. Are you trying to make the firewall the VPN server, or will the firewall just work as a passthrough? If the firewall will work as a passthrough, the IPsec VPN tunnel is enabled by default. But if it seems that one of the tunnels that you have is working, then I don't see any issues from the firewall, as it is working by design. No configuration is needed if it will work as a passthrough.
Regards,
Re: Enable IPSec UDP ports for all hosts behind firewall
Hi John,
Thanks for the reply! I'm trying to use Rancher for managing Docker containers running on my home network and in the cloud (hybrid network). Rancher connects all the hosts (that are supposed to run managed containers) by creating a network overlay (an IPSec agent is deployed and running on each host). One of the requirements for this network overlay to be functional is to make sure all UDP port 500 and 4500 traffic is flowing between ALL participating hosts.
When there is no NAT, everything is working perfectly, and it seems like NAT makes this use case invalid, i.e. according to the response in the Rancher forum there is no way this can work 😞
Cheers,
Dmitry
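Background on why NAT changes the picture for the UDP 500/4500 requirement described above, as an added example that is not part of any post in this thread and not Rancher's or NETGEAR's code: IKEv2 (RFC 7296, section 2.23) detects a NAT by hashing the SPIs together with the address and port a peer believes it is sending from, and moves the exchange to UDP 4500 when the hash does not match what the receiver sees. The SPIs and addresses are constructed sample values, and that the overlay's IPSec agent negotiates IKEv2 is an assumption.

```python
import hashlib
import ipaddress
import struct


def nat_detection_hash(spi_i: bytes, spi_r: bytes, ip: str, port: int) -> bytes:
    """SHA-1(SPIi | SPIr | IP | port), the NAT_DETECTION_*_IP payload of RFC 7296 2.23."""
    if len(spi_i) != 8 or len(spi_r) != 8:
        raise ValueError("IKE SPIs are 8 octets each")
    addr = ipaddress.ip_address(ip).packed  # 4 octets for IPv4, 16 for IPv6
    return hashlib.sha1(spi_i + spi_r + addr + struct.pack("!H", port)).digest()


def sender_behind_nat(spi_i, spi_r, claimed_hashes, seen_ip, seen_port) -> bool:
    """Receiver side: True when none of the sender's NAT_DETECTION_SOURCE_IP
    hashes matches the source address and port seen in the IP/UDP header."""
    expected = nat_detection_hash(spi_i, spi_r, seen_ip, seen_port)
    return expected not in claimed_hashes


def next_ike_port(nat_detected: bool) -> int:
    """Once a NAT is detected, IKE continues on UDP 4500 and ESP is UDP-encapsulated there."""
    return 4500 if nat_detected else 500


# Constructed sample values (not taken from the thread).
SPI_I = bytes.fromhex("1122334455667788")
SPI_R = bytes(8)                      # responder SPI is zero in the first request
HOME_HOST = ("192.168.1.20", 500)     # private address the home host sends from
ROUTER_WAN = ("203.0.113.7", 61500)   # what the cloud host sees after translation


def demo():
    """Return (nat?, port) for a direct path, then (nat?, port) for a NATed path."""
    claimed = [nat_detection_hash(SPI_I, SPI_R, *HOME_HOST)]
    direct = sender_behind_nat(SPI_I, SPI_R, claimed, *HOME_HOST)
    via_nat = sender_behind_nat(SPI_I, SPI_R, claimed, *ROUTER_WAN)
    return direct, next_ike_port(direct), via_nat, next_ike_port(via_nat)


if __name__ == "__main__":
    print(demo())
```
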
Re: Enable IPSec UDP ports for all hosts behind firewall
Please try to open a port from the firewall. Go to Security > Services - Create the specific UDP ports that need to be opened. Then go to Security > Firewall > Inbound Services - ADD the service that you created and then point it to your LAN Server.
Kindly check the manual here (page 130).
Regards,
Re: Enable IPSec UDP ports for all hosts behind firewall
Thanks,
Dmitry