Kame
Zur Navigation springen
Zur Suche springen
/etc/setkey.conf
#!/usr/sbin/setkey -f flush; spdflush; spdadd 192.168.254.0/24 192.168.200.0/21 any -P out ipsec esp/tunnel/217.91.41.188-217.89.52.3/require; spdadd 192.168.200.0/21 192.168.254.0/24 any -P in ipsec esp/tunnel/217.89.52.3-217.89.52.3/require;
starten von setkey
setkey -f /etc/setkey.conf
/etc/racoon.conf
path pre_shared_key "/etc/psk.txt"; remote 217.89.52.3 { exchange_mode main; proposal { encryption_algorithm 3des; hash_algorithm md5; authentication_method pre_shared_key; dh_group modp1536; } } sainfo address 192.168.254.0/24 any address 192.168.200.0/21 any { pfs_group modp1536; encryption_algorithm 3des; authentication_algorithm hmac_md5; compression_algorithm deflate; }
/etc/psk.txt
217.89.52.3 schmeich-daneich-gleich
starten von racoon
racoon -Ff /etc/racoon.conf