flyrouter:ipsec-zywall
Настройка IPSec связки FlyRouter и ZyWall
Конфигурационные файлы предоставлены системнымным администратором ООО «Молочный Дом» (Торговая марка «Фанни»), г.Павлоград
Пример конфигурационного файла на FlyRouter:
# /etc/ipsec.conf - Openswan IPsec configuration file # basic configuration config setup interfaces="ipsec0=eth1" klipsdebug=none plutodebug=none # nat_traversal=yes # virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%4:172.16.0.0/12 # add connections here conn zywall left=192.168.1.1 leftsubnet=192.168.20.0/24 leftnexthop=192.168.1.161 right=192.168.1.161 rightsubnet=10.0.0.0/8 rightnexthop=192.168.1.1 auto=add pfs=yes authby=secret keylife=9600s #Disable Opportunistic Encryption include /etc/ipsec.d/examples/no_oe.conf
Настройка ZyWall. Menu 27.1.1 - IPSec Setup
Index #= 4 Name= TOLinux
Active= Yes Keep Alive= Yes Nat Traversal= No
Local ID type= IP Content= 192.168.1.161
My IP Addr= 192.168.1.161
Peer ID type= IP Content= 192.168.1.1
Secure Gateway Address= 192.168.1.1
Protocol= 0
Local: Addr Type= SUBNET
IP Addr Start= 10.0.0.0 End/Subnet Mask= 255.0.0.0
Port Start= 0 End= N/A
Remote: Addr Type= SUBNET
IP Addr Start= 192.168.20.0 End/Subnet Mask= 255.255.255.0
Port Start= 0 End= N/A
Enable Replay Detection= No
Key Management= IKE
Edit Key Management Setup= No
Настройка ZyWall. Menu 27.1.1.1 - IKE Setup
Phase 1 Negotiation Mode= Main PSK= 12345678 Encryption Algorithm= 3DES Authentication Algorithm= MD5 SA Life Time (Seconds)= 3600 Key Group= DH2 Phase 2 Active Protocol= ESP Encryption Algorithm= 3DES Authentication Algorithm= MD5 SA Life Time (Seconds)= 9600 Encapsulation= Tunnel Perfect Forward Secrecy (PFS)= DH2
flyrouter/ipsec-zywall.txt · Last modified: 2018/04/09 15:36 (external edit)
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 3.0 Unported
