Version vom 5. Dezember 2017, 18:03 Uhr

Fritz

Internet
- Freigaben
  - VPN
    - Ihr Heimnetz mit einem anderen FRITZ!Box-Netzwerk verbinden (LAN-LAN-Kopplung)

Racoon

/etc/racoon.conf

log debug;
path pre_shared_key "/etc/racoon/psk.txt";

remote anonymous {
        exchange_mode aggressive;
        my_identifier fqdn zee.vpn.int;
        proposal_check obey;
        script "/etc/racoon/phase1-up.sh" phase1_up;
        script "/etc/racoon/phase1-down.sh" phase1_down;
        script "/etc/racoon/phase1-down.sh" phase1_dead;
        proposal {
                encryption_algorithm aes;
                hash_algorithm sha1;
                authentication_method pre_shared_key;
                dh_group 2;
        }
}

sainfo address 10.83.31.0/24 any address 10.83.42.0/24 any {
        #pfs_group 2;
        lifetime time 1 hour ;
        encryption_algorithm aes ;
        authentication_algorithm hmac_sha1 ;
        compression_algorithm deflate ;
}

/etc/racoon/psk.txt

10.84.252.33 suxer

@@ Zeile 6: / Zeile 6: @@
 [[Datei:fritz-racoon2.png|1000px]]
 =Racoon=
-*/etc/ipsec-tools.conf
-<pre>
-#!/usr/sbin/setkey -f
-flush;
-spdflush;
-spdadd 10.83.31.0/24 10.83.42.0/24 any -P out ipsec
-       esp/tunnel/10.84.252.31-10.84.252.42/require;
-spdadd 10.83.42.0/24 10.83.31.0/24  any -P in ipsec
-    esp/tunnel/10.84.252.42-10.84.252.31/require;
-</pre>
 */etc/racoon.conf
 <pre>
@@ Zeile 25: / Zeile 15: @@
          my_identifier fqdn zee.vpn.int;
          proposal_check obey;
+        script "/etc/racoon/phase1-up.sh" phase1_up;
+        script "/etc/racoon/phase1-down.sh" phase1_down;
+        script "/etc/racoon/phase1-down.sh" phase1_dead;
          proposal {
                  encryption_algorithm aes;

Racoon-fritz: Unterschied zwischen den Versionen

Version vom 5. Dezember 2017, 18:03 Uhr

Fritz

Racoon

Navigationsmenü

Suche