From da7027922296944e9db1330491b4d404809db15a Mon Sep 17 00:00:00 2001
From: root
Date: Mon, 7 Oct 2024 11:44:55 +0200
Subject: [PATCH] =?UTF-8?q?=09nouveau=20fichier=C2=A0:=20ip-addresses=20?= =?UTF-8?q?=09nouveau=20fichier=C2=A0:=20ip-routes=20=09nouveau=20fichier?= =?UTF-8?q?=C2=A0:=20ipsec.conf?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
sio2/CYBERSECURITE/03-ipsec/gw2/ip-addresses | 18 +++++++++++++++
sio2/CYBERSECURITE/03-ipsec/gw2/ip-routes | 3 +++
sio2/CYBERSECURITE/03-ipsec/gw2/ipsec.conf | 23 ++++++++++++++++++++
3 files changed, 44 insertions(+)
create mode 100644 sio2/CYBERSECURITE/03-ipsec/gw2/ip-addresses
create mode 100644 sio2/CYBERSECURITE/03-ipsec/gw2/ip-routes
create mode 100644 sio2/CYBERSECURITE/03-ipsec/gw2/ipsec.conf
diff --git a/sio2/CYBERSECURITE/03-ipsec/gw2/ip-addresses b/sio2/CYBERSECURITE/03-ipsec/gw2/ip-addresses
new file mode 100644
index 0000000..24f2ca9
--- /dev/null
+++ b/sio2/CYBERSECURITE/03-ipsec/gw2/ip-addresses
@@ -0,0 +1,18 @@
+1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
+ link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
+ inet 127.0.0.1/8 scope host lo
+ valid_lft forever preferred_lft forever
+ inet6 ::1/128 scope host noprefixroute
+ valid_lft forever preferred_lft forever
+2: enp0s3: mtu 1500 qdisc fq_codel state UP group default qlen 1000
+ link/ether 08:00:27:a5:78:29 brd ff:ff:ff:ff:ff:ff
+ inet 192.168.2.1/24 brd 192.168.2.255 scope global enp0s3
+ valid_lft forever preferred_lft forever
+ inet6 fe80::a00:27ff:fea5:7829/64 scope link
+ valid_lft forever preferred_lft forever
+3: enp0s8: mtu 1500 qdisc fq_codel state UP group default qlen 1000
+ link/ether 08:00:27:d5:f3:b1 brd ff:ff:ff:ff:ff:ff
+ inet 10.0.0.2/24 brd 10.0.0.255 scope global enp0s8
+ valid_lft forever preferred_lft forever
+ inet6 fe80::a00:27ff:fed5:f3b1/64 scope link
+ valid_lft forever preferred_lft forever
diff --git a/sio2/CYBERSECURITE/03-ipsec/gw2/ip-routes b/sio2/CYBERSECURITE/03-ipsec/gw2/ip-routes
new file mode 100644
index 0000000..8fee157
--- /dev/null
+++ b/sio2/CYBERSECURITE/03-ipsec/gw2/ip-routes
@@ -0,0 +1,3 @@
+10.0.0.0/24 dev enp0s8 proto kernel scope link src 10.0.0.2
+192.168.1.0/24 via 192.168.2.1 dev enp0s3
+192.168.2.0/24 dev enp0s3 proto kernel scope link src 192.168.2.1
diff --git a/sio2/CYBERSECURITE/03-ipsec/gw2/ipsec.conf b/sio2/CYBERSECURITE/03-ipsec/gw2/ipsec.conf
new file mode 100644
index 0000000..1d0db41
--- /dev/null
+++ b/sio2/CYBERSECURITE/03-ipsec/gw2/ipsec.conf
@@ -0,0 +1,23 @@
+config setup
+ charondebug="all"
+ uniqueids=yes
+ strictcrlpolicy=no
+conn %default
+conn tunnel #
+ left=10.0.0.2
+ leftsubnet=192.168.2.0/24
+ right=10.0.0.1
+ rightsubnet=192.168.1.0/24
+ ike=aes256-sha2_256-modp1024!
+ esp=aes256-sha2_256!
+ keyingtries=0
+ ikelifetime=1h
+ lifetime=8h
+ dpddelay=30
+ dpdtimeout=120
+ dpdaction=restart
+ authby=secret
+ auto=start
+ keyexchange=ikev2
+ type=tunnel
+
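Review bot: The route `192.168.1.0/24 via 192.168.2.1 dev enp0s3` uses this gateway's own LAN address as its next hop (ip-addresses in the same commit shows 192.168.2.1/24 on enp0s3), which looks like a leftover or a mistake rather than the intended path to the remote subnet. If a static route is wanted at all, the peer `10.0.0.1` on `enp0s8` would be the expected next hop; strongSwan normally installs its own routes for the tunnel, so the entry may simply be unnecessary. A README line saying that this file is captured `ip route` output from gw2, and at what point in the lab it was taken, would help readers judge it.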
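Review bot: The `ike=aes256-sha2_256-modp1024!` proposal pins the IKE key exchange to a 1024-bit MODP group, and the trailing `!` makes the proposal strict, so the peers cannot negotiate anything stronger; a 1024-bit finite-field group is no longer considered adequate for a VPN. Use at least `ike=aes256-sha2_256-modp2048!` (or an elliptic-curve group such as `ecp256`) and make the same change on the peer gateway. The `esp=aes256-sha2_256!` line names no DH group, so rekeyed CHILD_SAs get no fresh key exchange; `esp=aes256-sha2_256-modp2048!` would add forward secrecy there. With `authby=secret` the tunnel's authentication rests entirely on the pre-shared key in ipsec.secrets, which is rightly absent from this commit and should stay out of the repository, with a long random value. `charondebug="all"` appears meant as maximum logging; if it is kept beyond lab bring-up, confirm the effective level does not write key material to the logs.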