Hello
I have some "quasi newbie" questions about UTM 9 site-to-site and remote access SSL VPN. For some years we have used remote access SSL with OpenVPN clients on UTM 9, and IPSec for Site-to-Site connections. Now we would like to change from IPSec to OpenVPN (SSL) for Site-to-Site connections:
- Is it correct that on the UTM 9.7 as VPN server, Remote Access SSL VPN and Site-to-Site SSL VPN have to use separate ports (default port 1194 for Remote Access SSL VPN, default port 443 for Site-to-Site SSL VPN)?
- Is it "wise" to use default port 443 (standard port for https) for Site-to-Site SSL VPN or are other port-numbers better choices?
- I am sorry, this is a really newbie question: for our IPSec Site-to-Site connection we did not need a dedicated tunnel IP address space. Configuration examples for Site-to-Site SSL connections instead use a dedicated tunnel IP address space. Our actual local LAN network on the UTM uses 10.6X.0.0/16 and on the remote site (non-UTM) the LAN private subnet is 10.6Y.0.0/16. Do we nevertheless need to set up a dedicated SSL tunnel IP address space to route between the different subnets (siteA <> SSL-Tunnel <> siteB)?
- In our setup, UTM 9 is the Site-to-Site SSL server. Therefore we exported the appropriate file.apc from UTM 9. It seems that this file does not contain all the settings that are part of a standard .ovpn OpenVPN client configuration file (also exported from the UTM, in the Remote Access section). Can we compose a correct configuration for any Site-to-Site SSL client from the file.apc and the file.ovpn, using the missing default settings from the file.ovpn?
- As Site-to-Site SSL clients (UTM 9 as server) we are using some Ubiquiti EdgeOS routers (EdgeOS v2.0.9, OpenVPN 2.4.7). We would appreciate any hint for a correct Site-to-Site SSL client configuration.
Many thanks in advance and best regards