Value for Right Box
The default value in the ‘Public IP or FQDN for RED interface’ VPN set-up field could have the service provider’s name, such as Ipaddress.static-xxx.serviceprovider.net.in. Make sure you remove non-ip-address text. IPCOP RED with private IP addresses (such as 192.168.x.x or 10.x.x.x) makes VPN configuration really difficult. This happens when IPCOP is installed inside a router configured in route mode. Here, reconfigure the router in bridge mode, so that IPCOP RED will get a public IP. Refresh the browser a few times if tunnel ‘open’ status is not displayed. Ensure correct uploading of root and host certificates generated Ensure that the root and host certificates generated on the right box are uploaded correctly on the left box and vice versa. If the tunnel does not open, verify the parameters on both boxes. You can also check Logs > System logs > IPSEC logs for further troubleshooting. Additional tunnels can be created to network multiple offices; the most important point to remember is to use different IP subnets for different offices. IKE aggressive mode (available under advanced options) is definitely not preferred; it transmits a preshared key in clear text. Though IPCOP has an inbuilt certificate generator, you may also purchase and use certificates from various certifying authorities. Towardssankalp 192.168.20.254 192.168.20.0/255.255.255.0 Office 2 RED IP Address 192.168.51.0/255.255.255.0 Thisisatestpresharedkey