{"id":124807,"date":"2018-10-23T08:09:19","date_gmt":"2018-10-23T00:09:19","guid":{"rendered":"https:\/\/lrxjmw.cn\/?p=124807"},"modified":"2018-10-22T09:10:27","modified_gmt":"2018-10-22T01:10:27","slug":"openswan-configuring-ipsec","status":"publish","type":"post","link":"https:\/\/lrxjmw.cn\/openswan-configuring-ipsec.html","title":{"rendered":"Openswan software configuring IPSec"},"content":{"rendered":"

\u642d\u5efa\u4e00\u5957ipsec VPN\uff0c\u53c2\u7167\u73b0\u5728\u7f51\u4e0a\u7684\u8d44\u6599\u642d\u5efa\u7684ipsec\/l2tp\u65b9\u5f0f\u53ef\u4ee5\u6b63\u5e38\u8bbf\u95ee\uff0c\u5efa\u7acb\u8fde\u63a5\u3002\u800c\u4e14ipsec\u670d\u52a1\u5668\u4e0e\u8fde\u63a5\u4ed6\u7684\u7535\u8111\u4e0d\u518d\u540c\u4e00\u7f51\u6bb5\u5185\uff0cipsec.conf\u914d\u7f6e\uff1a<\/p>\n

\r\nconfig setup \r\n protostack=netkey \r\n nat_traversal=yes \r\n virtual_private=%v4:192.168.0.0\/16,%v4:10.0.0.0\/8,%v4:172.16.0.0\/12,%v4:25.0.0.0\/8,%v4:!10.254.253.0\/24 \r\n interfaces=\"%defaultroute\" \r\n oe=off \r\n \r\nconn l2tp-psk \r\n authby=secret \r\n pfs=no \r\n auto=add \r\n rekey=no \r\n type=transport \r\n left=192.168.2.157 \/\/\u8fd9\u662fipsec\u7684\u51fa\u53e3\u5730\u5740 \r\n leftprotoport=17\/1701 \r\n right=%any \r\n rightprotoport=17\/%any \r\n rightsubnet=vhost:%priv,%no \r\n<\/pre>\n

\u5728\u5efa\u7acb\u4e24\u7aefipsec\u5efa\u7acb\u8fde\u63a5\u65f6\u51fa\u73b0\u4e86\u95ee\u9898\uff0c\u5927\u6982\u62d3\u6251\uff1a
\n $\"\"$ <\/p>\n

\u73b0\u5728\u60f3\u8ba9ipsec1 \u4e0e ipsec2\u8fde\u63a5ipsec\u901a\u9053\uff0c\u4e24\u53f0\u7535\u8111\u73af\u5883\u76f8\u540c\uff0ccentos 6.3 + openswan 2.6.47<\/p>\n

\u914d\u7f6e\u6587\u4ef6\u5982\u4e0b:<\/p>\n

\r\nconn ipsec-                    \r\n    authby=rsasign              \r\n    pfs=no                     \r\n    auto=start                 \r\n    rekey=no                   \r\n    type=transport             \r\n    left=192.168.3.240         \r\n    leftsubnet=192.168.3.0\/24  \r\n    leftprotoport=17\/1701      \r\n    right=192.168.2.114        \r\n    rightsubnet=192.168.2.0\/24 \r\n    leftrsasigkey=\u2026\u2026\r\n    rightrsasigkey=\u2026\u2026\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"\u642d\u5efa\u4e00\u5957ipsec VPN\uff0c\u53c2\u7167\u73b0\u5728\u7f51\u4e0a\u7684\u8d44\u6599\u642d\u5efa\u7684ipsec\/l2tp\u65b9\u5f0f\u53ef\u4ee5\u6b63\u5e38\u8bbf\u95ee\uff0c\u5efa\u7acb\u8fde\u63a5\u3002\u800c\u4e14ips […]<\/p>\n","protected":false},"author":1479,"featured_media":82975,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[55],"tags":[],"class_list":["post-124807","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-thread"],"acf":[],"_links":{"self":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts\/124807","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/users\/1479"}],"replies":[{"embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/comments?post=124807"}],"version-history":[{"count":3,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts\/124807\/revisions"}],"predecessor-version":[{"id":125051,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts\/124807\/revisions\/125051"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/media\/82975"}],"wp:attachment":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/media?parent=124807"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/categories?post=124807"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/tags?post=124807"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}