2 vpn channels with gre tunnel ans ospf quagga: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Thomas (Diskussion | Beiträge) (Die Seite wurde neu angelegt: „=gustavo= ==strongswan== ===gustavo.xinux.lan=== */etc/ipsec.conf conn gustavo-tiazel-1 authby=secret type=transport left=10.84.252.33…“) |
Thomas (Diskussion | Beiträge) |
||
| Zeile 1: | Zeile 1: | ||
=gustavo= | =gustavo= | ||
==strongswan== | ==strongswan== | ||
| − | |||
*/etc/ipsec.conf | */etc/ipsec.conf | ||
conn gustavo-tiazel-1 | conn gustavo-tiazel-1 | ||
| Zeile 38: | Zeile 37: | ||
ip address add dev gt1 $LTIP1 peer $RTIP1/32 | ip address add dev gt1 $LTIP1 peer $RTIP1/32 | ||
ip address add dev gt2 $LTIP2 peer $RTIP2/32 | ip address add dev gt2 $LTIP2 peer $RTIP2/32 | ||
| + | ip link set gt1 up | ||
| + | ip link set gt2 up | ||
| + | </pre> | ||
| + | =tiazel= | ||
| + | ==strongswan== | ||
| + | */etc/ipsec.conf | ||
| + | <pre> | ||
| + | conn gustavo-tiazel-1 | ||
| + | authby=secret | ||
| + | type=transport | ||
| + | left=10.84.252.33 | ||
| + | right=10.84.252.32 | ||
| + | auto=start | ||
| + | |||
| + | conn gustavo-tiazel-2 | ||
| + | authby=secret | ||
| + | type=transport | ||
| + | left=10.84.244.33 | ||
| + | right=10.84.244.32 | ||
| + | auto=start | ||
| + | </pre> | ||
| + | */etc/ipsec.secret | ||
| + | 10.84.252.32 10.84.252.33 : PSK "suxer" | ||
| + | 10.84.244.32 10.84.244.33 : PSK "suxer"#!/bin/bash | ||
| + | ==gre tunnel== | ||
| + | <pre> | ||
| + | #!/bin/bash | ||
| + | modprobe ip_gre | ||
| + | LIP1="10.84.252.32" | ||
| + | RIP1="10.84.252.33" | ||
| + | LIP2="10.84.244.32" | ||
| + | RIP2="10.84.244.33" | ||
| + | LTIP1="10.1.1.32" | ||
| + | RTIP1="10.1.1.33" | ||
| + | LTIP2="10.1.8.32" | ||
| + | RTIP2="10.1.8.33" | ||
| + | |||
| + | |||
| + | ip tunnel add gt1 mode gre remote $RIP1 local $LIP1 ttl 255 | ||
| + | ip tunnel add gt2 mode gre remote $RIP2 local $LIP2 ttl 255 | ||
| + | ip address add dev gt1 $LTIP1 peer $RTIP1/32 | ||
| + | ip address add dev gt2 $LTIP2 peer $RTIP2/32 | ||
| + | |||
ip link set gt1 up | ip link set gt1 up | ||
ip link set gt2 up | ip link set gt2 up | ||
</pre> | </pre> | ||
Version vom 13. Dezember 2017, 17:28 Uhr
gustavo
strongswan
- /etc/ipsec.conf
conn gustavo-tiazel-1
authby=secret
type=transport
left=10.84.252.33
right=10.84.252.32
auto=start
conn gustavo-tiazel-2
authby=secret
type=transport
left=10.84.244.33
right=10.84.244.32
auto=start
- /etc/ipsec.secret
10.84.252.33 10.84.252.31 : PSK "suxer" 10.84.244.33 10.84.244.31 : PSK "suxer"
gre tunnel
#!/bin/bash modprobe ip_gre LIP1="10.84.252.33" RIP1="10.84.252.32" LIP2="10.84.244.33" RIP2="10.84.244.32" LTIP1="10.1.1.33" RTIP1="10.1.1.32" LTIP2="10.1.8.33" RTIP2="10.1.8.32" ip tunnel add gt1 mode gre remote $RIP1 local $LIP1 ttl 255 ip tunnel add gt2 mode gre remote $RIP2 local $LIP2 ttl 255 ip address add dev gt1 $LTIP1 peer $RTIP1/32 ip address add dev gt2 $LTIP2 peer $RTIP2/32 ip link set gt1 up ip link set gt2 up
tiazel
strongswan
- /etc/ipsec.conf
conn gustavo-tiazel-1
authby=secret
type=transport
left=10.84.252.33
right=10.84.252.32
auto=start
conn gustavo-tiazel-2
authby=secret
type=transport
left=10.84.244.33
right=10.84.244.32
auto=start
- /etc/ipsec.secret
10.84.252.32 10.84.252.33 : PSK "suxer" 10.84.244.32 10.84.244.33 : PSK "suxer"#!/bin/bash
gre tunnel
#!/bin/bash modprobe ip_gre LIP1="10.84.252.32" RIP1="10.84.252.33" LIP2="10.84.244.32" RIP2="10.84.244.33" LTIP1="10.1.1.32" RTIP1="10.1.1.33" LTIP2="10.1.8.32" RTIP2="10.1.8.33" ip tunnel add gt1 mode gre remote $RIP1 local $LIP1 ttl 255 ip tunnel add gt2 mode gre remote $RIP2 local $LIP2 ttl 255 ip address add dev gt1 $LTIP1 peer $RTIP1/32 ip address add dev gt2 $LTIP2 peer $RTIP2/32 ip link set gt1 up ip link set gt2 up