After some troubling, I succeded:
Fritz-Config:
Linksys:
Fritz-Config:
Code:
connections {
enabled = yes;
conn_type = conntype_lan;
name = "<%ConnectionName%>";
always_renew = no;
reject_not_encrypted = no;
dont_filter_netbios = yes;
localip = 0.0.0.0;
local_virtualip = 0.0.0.0;
remoteip = 0.0.0.0;
remote_virtualip = 0.0.0.0;
remotehostname = "<%LinkSys_DynDNS%>";
localid {
fqdn = "<%Fritz_DynDNS%>";
}
remoteid {
fqdn = "<%LinkSys_DynDNS%>";
}
mode = phase1_mode_idp;
phase1ss = "all/all/all";
keytype = connkeytype_pre_shared;
key = "<%PSK%>";
cert_do_server_auth = no;
use_nat_t = no;
use_xauth = no;
use_cfgmode = no;
phase2localid {
ipnet {
ipaddr = <%Fritz_Subnet%>;
mask = 255.255.255.0; (Or whatever)
}
}
phase2remoteid {
ipnet {
ipaddr = <%LinkSys_Subnet%>;
mask = 255.255.255.0;
}
}
phase2ss = "esp-3des-sha/ah-no/comp-no/pfs";
accesslist = "permit ip any <%LinkSys_Subnet%> 255.255.255.0";
}Linksys:
Code:
Tunnel Entry: Tunnel <WhatEver>
VPN Tunnel: Enabled
Tunnel Name: ski2cbp
NAT-Traversal: Disabled
Local Secure Group:
Type: Subnet
IP Address: <%LinkSys_Subnet%>
Subnet: 255.255.255.0
Remote Secure Group
Type: Subnet
IP Adress: <%Fritz_Subnet%>
Subnet: 255.255.255.0
Remote Secure Gateway
Type: FQDN
<%Fritz_DynDNS%>
Key Managment:
Key Exchange Method: Auto (IKE)
Operation Mode: MAIN
ISAKMP Encryption Method: 3DES
ISAKMP Authentication Method: SHA1
ISAKMP DH Group: Group 2: 1024-bits
ISAKMP Key Lifetime (s): 28800
PFS: Enabled
IPSec Encryption Method: 3DES
IPSec Authentication Method: SHA1
IPSec DH Group: The group is the same as ISAKMP.
IPSec Key Lifetime(s): 3600
Pre-Shared Key: <%PSK%>
Dead Peer Detection = true
Detection Delay(s): 30
Detection Timeout(s): 120
DPD Action: Recover connection
