Racoon-fritz: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Thomas (Diskussion | Beiträge) |
Thomas (Diskussion | Beiträge) (→Racoon) |
||
Zeile 6: | Zeile 6: | ||
[[Datei:fritz-racoon2.png|1000px]] | [[Datei:fritz-racoon2.png|1000px]] | ||
=Racoon= | =Racoon= | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
*/etc/racoon.conf | */etc/racoon.conf | ||
<pre> | <pre> | ||
Zeile 25: | Zeile 15: | ||
my_identifier fqdn zee.vpn.int; | my_identifier fqdn zee.vpn.int; | ||
proposal_check obey; | proposal_check obey; | ||
+ | script "/etc/racoon/phase1-up.sh" phase1_up; | ||
+ | script "/etc/racoon/phase1-down.sh" phase1_down; | ||
+ | script "/etc/racoon/phase1-down.sh" phase1_dead; | ||
proposal { | proposal { | ||
encryption_algorithm aes; | encryption_algorithm aes; |
Version vom 5. Dezember 2017, 18:03 Uhr
Fritz
- Internet
- Freigaben
- VPN
- Ihr Heimnetz mit einem anderen FRITZ!Box-Netzwerk verbinden (LAN-LAN-Kopplung)
- VPN
- Freigaben
Racoon
- /etc/racoon.conf
log debug; path pre_shared_key "/etc/racoon/psk.txt"; remote anonymous { exchange_mode aggressive; my_identifier fqdn zee.vpn.int; proposal_check obey; script "/etc/racoon/phase1-up.sh" phase1_up; script "/etc/racoon/phase1-down.sh" phase1_down; script "/etc/racoon/phase1-down.sh" phase1_dead; proposal { encryption_algorithm aes; hash_algorithm sha1; authentication_method pre_shared_key; dh_group 2; } } sainfo address 10.83.31.0/24 any address 10.83.42.0/24 any { #pfs_group 2; lifetime time 1 hour ; encryption_algorithm aes ; authentication_algorithm hmac_sha1 ; compression_algorithm deflate ; }
- /etc/racoon/psk.txt
10.84.252.33 suxer