[SOLVED] UI for IPSec setup?

Hi all,

I am new to Turris and just got my first router. Unboxing and initial setup was all very pleasant. UI in German, wow!

But … :wink:

The planned tasks for this router (1x A, 1x E modules) are

  • network switch
  • DHCP server
  • DNS resolver with cache
  • IPSec site-to-site gateway from home to office

Notably missing is “Internet uplink” and “firewall”. The router is placed behind my AVM Fritzbox because I run an integrated DSL and SIP telephone connection with DECT handsets and all that and so the Fritzbox is about the only convenient option for German Telekom as the provider.
But the functions listed are the ones were the Fritzbox is really limited so I want to place another device in my LAN to get more ports and better support for all of that.

tldr; Where is the IPSec stuff in the UI?


There are two UIs Introduction - Turris Documentation

Turris team has decided to develop its own web administration interface due to complexity of the existing LuCI interface for basic users. Thus, came into being Foris, which is a simplified interface for administration requirements of Turris routers. It has been created in order to provide users with a simple and extensible administration and network configuration tool.

In short, re/Foris does not cover advanced settings.

Potentially good practise is getting acquainted first with the available documentation

I did. And there is no IPSec anything in either of the two UIs nor is anything like this mentioned in the docs. If users are really expected to use the command line for all non-trivial tasks, I’d rather put OpenSense on a suitable embedded platform and have a way smoother experience.

It was not so clear from the initial post.

Apparently there is indeed no UI coverage for IPSec but other VPN solutions, e.g. OpenVPN, WG, OpenConnect which does not help of course if the office’s IT admin only chose to provision IPSec.

I am the office IT admin :wink:

OK, some background: I am more or less evaluating the product by trying it in a real-world scenario at home. I run my own data centre with some 100-ish servers, own AS, BGP, OSPF, all dual-stack - I know this stuff. Really.
I can use a CLI, in this evaluation I just don’t prefer to, because I want to know how capable the UI is.

So in comparison with e.g. an EdgeRouter-X the MOX is

  • modular
  • more powerful hardware-wise
  • 100% open source
  • capable of doing more

but nowhere near the polished product and way more expensive. Still pondering if I should keep it and take the deep dive or stick with Ubnt.

Thanks for the confirmation.