nouveau fichier : ip-addresses
nouveau fichier : ip-routes nouveau fichier : ipsec.conf
parent
845e9473b9
commit
72afb9c9c6
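--- a/sio2/CYBERSECURITE/03-ipsec/gw1/ip-addresses
+++ b/sio2/CYBERSECURITE/03-ipsec/gw1/ip-addresses
@@ -0,0 +1,18 @@
+1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
+link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
+inet 127.0.0.1/8 scope host lo
+valid_lft forever preferred_lft forever
+inet6 ::1/128 scope host noprefixroute
+valid_lft forever preferred_lft forever
+2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
+link/ether 08:00:27:49:8b:ef brd ff:ff:ff:ff:ff:ff
+inet 192.168.1.1/24 brd 192.168.1.255 scope global enp0s3
+valid_lft forever preferred_lft forever
+inet6 fe80::a00:27ff:fe49:8bef/64 scope link
+valid_lft forever preferred_lft forever
+3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
+link/ether 08:00:27:13:cc:5a brd ff:ff:ff:ff:ff:ff
+inet 10.0.0.1/24 brd 10.0.0.255 scope global enp0s8
+valid_lft forever preferred_lft forever
+inet6 fe80::a00:27ff:fe13:cc5a/64 scope link
+valid_lft forever preferred_lft forever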
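--- a/sio2/CYBERSECURITE/03-ipsec/gw1/ip-routes
+++ b/sio2/CYBERSECURITE/03-ipsec/gw1/ip-routes
@@ -0,0 +1,3 @@
+10.0.0.0/24 dev enp0s8 proto kernel scope link src 10.0.0.1
+192.168.1.0/24 dev enp0s3 proto kernel scope link src 192.168.1.1
+192.168.2.0/24 via 192.168.1.1 dev enp0s3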
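Review bot: The last route, `192.168.2.0/24 via 192.168.1.1 dev enp0s3`, names gw1's own LAN address as the next hop (ip-addresses in this commit shows 192.168.1.1 on enp0s3), so on gw1 it would point traffic for the remote subnet back at the LAN side rather than toward the peer on enp0s8. If this capture really comes from gw1, the route is probably unnecessary, since the tunnel's `leftsubnet`/`rightsubnet` selectors in ipsec.conf already cover 192.168.2.0/24; if it was taken on a LAN client instead, it belongs in that host's directory. Either way it is worth confirming that packets for 192.168.2.0/24 cannot leave unencrypted while the tunnel is down.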
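--- a/sio2/CYBERSECURITE/03-ipsec/gw1/ipsec.conf
+++ b/sio2/CYBERSECURITE/03-ipsec/gw1/ipsec.conf
@@ -0,0 +1,23 @@
+config setup
+charondebug="all"
+uniqueids=yes
+strictcrlpolicy=no
+conn %default
+conn tunnel #
+left=10.0.0.1
+leftsubnet=192.168.1.0/24
+right=10.0.0.2
+rightsubnet=192.168.2.0/24
+ike=aes256-sha2_256-modp1024!
+esp=aes256-sha2_256!
+keyingtries=0
+ikelifetime=1h
+lifetime=8h
+dpddelay=30
+dpdtimeout=120
+dpdaction=restart
+authby=secret
+auto=start
+keyexchange=ikev2
+type=tunnel
+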
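Review bot: `ike=aes256-sha2_256-modp1024!` pins the IKE key exchange to the 1024-bit MODP group, and the trailing `!` makes the proposal strict, so the peers cannot settle on anything stronger; a 2048-bit or larger group, e.g. `ike=aes256-sha2_256-modp2048!`, would match the AES-256/SHA-256 choice (the peer's configuration needs the same change). `esp=aes256-sha2_256!` carries no DH group, so CHILD_SA rekeys get no fresh key exchange; appending one, as in `esp=aes256-sha2_256-modp2048!`, adds forward secrecy there. `charondebug="all"` is not in the `type level` form that option documents (e.g. `charondebug="ike 1, knl 1"`), and the highest log levels can write sensitive material to the log, so keep it low outside troubleshooting. With `authby=secret` the tunnel is only as strong as the pre-shared key, so ipsec.secrets should hold a long random value and stay out of the repository.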