apt-get install openswan ipsec-tools
cat /etc/ipsec-tools.conf
flush;
spdflush;
spdadd 192.168.0.0 192.168.15.0 any -P out ipsec esp/tunnel/77.75.72.3-173.194.35.88/unique;
spdadd 192.168.15.0 192.168.0.0 any -P in ipsec esp/tunnel/173.194.35.88-77.75.72.3/unique;
cat /etc/ipsec-tools.conf
77.75.72.3 173.194.35.88: PSK "Super tajne heslo"
cat /etc/ipsec.conf
version 2.0
config setup
oe=off
protostack=netkey
nat_traversal=no
conn %default
keyingtries=0
authby=secret
conn vpn
pfs=no
keyingtries=3
rekey=no
esp=3des-md5
ike=3des-md5-modp1024
authby=secret
keyexchange=ike
ikelifetime=8h
keylife=1h
left=77.75.72.3
leftnexthop=%defaultroute
leftsubnet=192.168.0.0/24
right=173.194.35.88
rightsubnet=192.168.15.0/24
auto=start
type=tunnel
cat /etc/iptables.conf
iptables -t nat -A POSTROUTING -o eth1 -s 192.168.0.0/24 ! -d 192.168.15.0/24 -j MASQUERADE
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
iptables -A FORWARD -i eth1 -s 192.168.15.0/24 -o eth0 -j ACCEPT
Žádné komentáře:
Okomentovat