Hi,
I have the following configuration:

- hosted server as l2tp-server 172.16.46.1 (it also has a public IP)
- Site1: hap ac3
  - l2tp-client with ip: 172.16.46.2,
  - ipip tunnel with ip: 192.168.99.1,
  - bridge (lan) with ip: 192.168.88.0/24
- Site2: hap ac3
  - l2tp-client with ip 172.16.46.3,
  - ipip tunnel 192.168.99.2,
  - bridge (lan) with ip: 192.168.89.0/24

There is IPSec (SHA256, AES-256-CBC, DH modp2048) set on the IPIP tunnel, because I don’t have access to the server to put IPSec on the L2TP.
The IPSec (and the tunnel) works fine with both setups:
- on the LAN address of each site
- on the IPIP Tunnel IPs of each site

Can someone please help, what’s the difference between using LAN IP vs. IPIP Tunnel IP in the IPSec policy?