We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
864 views 3 comments
by anonymous
Hello, we have successfully configured an IPSec VPN connection between two Teltonika routers. Now we have the task to allow traffic from one network into the other, but not the other way round. I understand the IPSec VPN has no extra zone, so I tried to achieve this with the "leftfirewall" and "rightfirewall" settings, but it seems not to do what we need - or we could not figure out which combination of firewall settings in the IPSec dialog is correct.

What we want to achieve is:

lan a -> ROUTER A -> VPN -> ROUTER B - lan b : OK (maybe limited by destination ports)

lan b -> ROUTER B -> VPN -> ROUTER A - lan a : REJECT

How can we achieve this behavior? I would also use the custom IPTABLES rules, but I would need an example for a script then.

1 Answer

0 votes
by anonymous
Hi,

I would like to ask for more information. First of all, which routers do you use? Also, please specify firmware versions. I will try to replicate your use case and come up with a solution.

Regards.
by anonymous

As written in the subject, these are two RUT-240. We use public IP addresses for both routers and so the IPSec VPN setup is a pretty straightforward one using the DDNS names of the remote router. The firmware is RUT2XX_R_00.01.14 on both routers.

Thank you for looking into this!

by anonymous
Did you make any progress on this? Or do you have an example for a firewalling script?
by anonymous
Hi,

Unfortunately, I have not tested it yet. I will try to look into it as soon as possible.
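
An added example, not part of the original thread and not Teltonika's own code: a sketch of custom iptables rules for ROUTER A that implement the one-way policy from the question (lan a may open connections into lan b, lan b may only send replies). The subnets and ports are constructed placeholders, `gen_rules` is a hypothetical helper name, and it is an assumption that the RUT240 firmware ships the `policy`, `conntrack` and `multiport` match modules.

```shell
#!/bin/sh
# Added example: one-way policy for an IPsec site-to-site tunnel, for ROUTER A.
# All values below are constructed placeholders; replace them with your own.
LAN_A="192.168.1.0/24"   # assumed subnet behind ROUTER A
LAN_B="192.168.2.0/24"   # assumed subnet behind ROUTER B
PORTS="22,443"           # assumed TCP ports lan a may reach in lan b ("" = no limit)

# Print the iptables commands instead of running them, so the rule set can be
# reviewed before it is applied. Usage: gen_rules <lan_a> <lan_b> [tcp_ports]
gen_rules() {
    a="$1"; b="$2"; ports="$3"
    in_ipsec="-m policy --dir in --pol ipsec"    # packet arrived through the tunnel
    out_ipsec="-m policy --dir out --pol ipsec"  # packet will leave through the tunnel
    n=1                                          # explicit position keeps rule order fixed
    emit() { echo "iptables -I FORWARD $n $*"; n=$((n + 1)); }

    # 1. Replies to connections that lan a opened are allowed back in.
    emit -s "$b" -d "$a" $in_ipsec -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # 2. Anything else from lan b to lan a (new connections) is rejected.
    emit -s "$b" -d "$a" $in_ipsec -j REJECT
    # 3. Optional: restrict what lan a may open in lan b to the listed TCP ports.
    if [ -n "$ports" ]; then
        emit -s "$a" -d "$b" $out_ipsec -p tcp -m multiport --dports "$ports" -j ACCEPT
        emit -s "$a" -d "$b" $out_ipsec -j REJECT
    fi
}

# Dry run: show the rules for the placeholder values above.
gen_rules "$LAN_A" "$LAN_B" "$PORTS"
```

Once reviewed, the printed commands can be piped to `sh` on ROUTER A. Afterwards, `iptables -L FORWARD -n --line-numbers` shows whether a broader ACCEPT rule for the tunnel sits above them.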