Differences

This shows you the differences between two versions of the page.

--- wiki:site:obecne:ipsec [2013/03/20 14:37]
root
+++ wiki:site:obecne:ipsec [2014/12/26 18:31] (current)
@@ Line 95: / Line 95: @@
 # pro troubleshooting tunelu
 tail -f /var/log/daemon.log
+# spuštění racoonu v popředí v debug módu (před tím je dobré zastavit službu)
+racoon -d -v -F -f /etc/racoon/racoon.conf
 </code>
@@ Line 109: / Line 112: @@
  group 2
  lifetime 3600
-crypto isakmp key TEST address 192.168.100.2 no-xauth
+crypto isakmp key KEY-TEST address 192.168.100.2 no-xauth
 !
 !
@@ Line 149: / Line 152: @@
 <file | /etc/ipsec-tools.conf>
+flush;
+spdflush;
+spdadd 192.168.100.2/32 10.0.0.2/32  any -P out ipsec
+   esp/tunnel/192.168.100.2-192.168.100.100/require;
+spdadd 10.0.0.2/32 192.168.100.2/32 any -P in ipsec
+   esp/tunnel/192.168.100.100-192.168.100.2/require;
 </file>
 <file | /etc/racoon/racoon.conf>
+path pre_shared_key "/etc/racoon/psk.txt";
+path certificate "/etc/racoon/certs";
+remote 192.168.100.100 {
+        exchange_mode main;
+        lifetime time 1 hour;
+        proposal {
+                encryption_algorithm 3des;
+                hash_algorithm sha1;
+                authentication_method pre_shared_key;
+                dh_group 2;
+        }
+}
+sainfo address 192.168.100.2/32 any address 10.0.0.2/32 any {
+        pfs_group 2;
+        lifetime time 1 hour;
+        encryption_algorithm 3des;
+        authentication_algorithm hmac_sha1;
+        compression_algorithm deflate;
+}
 </file>
 <file | /etc/racoon/psk.txt>
+.168.100.100 KEY-TEST
 </file>
@@ Line 169: / Line 200: @@
 # pro troubleshooting tunelu
 tail -f /var/log/daemon.log
+# spuštění racoonu v popředí v debug módu (před tím je dobré zastavit službu)
+racoon -d -v -F -f /etc/racoon/racoon.conf
 </code>

wiki.lkaplan.cz

User Tools

Site Tools

Differences

Page Tools