This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
wiki:site:obecne:ipsec [2013/03/20 14:37] root |
wiki:site:obecne:ipsec [2014/12/26 18:31] (current) |
||
---|---|---|---|
Line 95: | Line 95: | ||
# pro troubleshooting tunelu | # pro troubleshooting tunelu | ||
tail -f / | tail -f / | ||
+ | |||
+ | # spuštění racoonu v popředí v debug módu (před tím je dobré zastavit službu) | ||
+ | racoon -d -v -F -f / | ||
</ | </ | ||
Line 109: | Line 112: | ||
group 2 | group 2 | ||
| | ||
- | crypto isakmp key TEST address 192.168.100.2 no-xauth | + | crypto isakmp key KEY-TEST address 192.168.100.2 no-xauth |
! | ! | ||
! | ! | ||
Line 149: | Line 152: | ||
<file | / | <file | / | ||
+ | flush; | ||
+ | spdflush; | ||
+ | |||
+ | spdadd 192.168.100.2/ | ||
+ | | ||
+ | |||
+ | spdadd 10.0.0.2/32 192.168.100.2/ | ||
+ | | ||
</ | </ | ||
<file | / | <file | / | ||
+ | path pre_shared_key "/ | ||
+ | path certificate "/ | ||
+ | remote 192.168.100.100 { | ||
+ | exchange_mode main; | ||
+ | lifetime time 1 hour; | ||
+ | proposal { | ||
+ | encryption_algorithm 3des; | ||
+ | hash_algorithm sha1; | ||
+ | authentication_method pre_shared_key; | ||
+ | dh_group 2; | ||
+ | } | ||
+ | } | ||
+ | |||
+ | sainfo address 192.168.100.2/ | ||
+ | pfs_group 2; | ||
+ | lifetime time 1 hour; | ||
+ | encryption_algorithm 3des; | ||
+ | authentication_algorithm hmac_sha1; | ||
+ | compression_algorithm deflate; | ||
+ | } | ||
</ | </ | ||
<file | / | <file | / | ||
+ | 192.168.100.100 KEY-TEST | ||
</ | </ | ||
Line 169: | Line 200: | ||
# pro troubleshooting tunelu | # pro troubleshooting tunelu | ||
tail -f / | tail -f / | ||
+ | |||
+ | # spuštění racoonu v popředí v debug módu (před tím je dobré zastavit službu) | ||
+ | racoon -d -v -F -f / | ||
</ | </ |