MàJ et corrections d'options
This commit is contained in:
parent
a6ffb4cc80
commit
0aa2063ab6
|
@ -62,13 +62,6 @@ net.inet.ah.enable=1
|
|||
net.inet.ip.forwarding=1
|
||||
~~~
|
||||
|
||||
Activer l'interface enc0 :
|
||||
|
||||
~~~
|
||||
# ifconfig enc0 up
|
||||
# echo up >/etc/hostname.enc0
|
||||
~~~
|
||||
|
||||
Dans /etc/pf.conf, positionner :
|
||||
|
||||
~~~
|
||||
|
@ -76,12 +69,14 @@ set skip on {lo0 enc0}
|
|||
|
||||
pass in on $ext_if proto esp from $addr_gw2 to ($ext_if)
|
||||
pass in on $ext_if proto udp from $addr_gw2 to ($ext_if) port {isakmp, ipsec-nat-t}
|
||||
pass in on $ext_if proto udp from $addr_gw2 port {isakmp, ipsec-nat-t} to ($ext_if)
|
||||
~~~
|
||||
|
||||
Dans /etc/ipsec.conf, positionner :
|
||||
|
||||
~~~
|
||||
local_network="192.0.2.0/24"
|
||||
|
||||
remote_ip="198.51.100.254"
|
||||
remote_network="198.51.100.0/24"
|
||||
|
||||
|
@ -101,12 +96,12 @@ Tester la configuration :
|
|||
# ipsecctl -n -f /etc/ipsec.conf
|
||||
~~~
|
||||
|
||||
Démarrer le service :
|
||||
Activer et démarrer le service :
|
||||
|
||||
~~~
|
||||
# cat /etc/rc.conf.local
|
||||
isakmpd_flags="-K"
|
||||
|
||||
# rcctl enable ipsec
|
||||
# rcctl enable isakmpd
|
||||
# rcctl set isakmpd flags -KTv
|
||||
# rcctl start isakmpd
|
||||
# ipsecctl -f /etc/ipsec.conf
|
||||
~~~
|
||||
|
|
Loading…
Reference in a new issue