2ba6405d05ffa59acf0144b7a60b6249e12d94e4
gre-plus-ipsec-debian.md
| ... | ... | @@ -30,6 +30,7 @@ setkey -DP |
| 30 | 30 | ``` |
| 31 | 31 | |
| 32 | 32 | ## Configure the racoon daemon |
| 33 | +An example /etc/racoon/racoon.conf. |
|
| 33 | 34 | ``` |
| 34 | 35 | path pre_shared_key "/etc/racoon/psk.txt"; |
| 35 | 36 | path certificate "/etc/racoon/certs"; |
| ... | ... | @@ -70,4 +71,18 @@ sainfo (address 1.2.3.4 address 5.6.7.8 47) { |
| 70 | 71 | encryption_algorithm aes 256; |
| 71 | 72 | authentication_algorithm hmac_sha1; |
| 72 | 73 | compression_algorithm deflate; |
| 73 | -} |
|
| ... | ... | \ No newline at end of file |
| 0 | +} |
|
| 1 | +``` |
|
| 2 | + |
|
| 3 | +## Configure a GRE tunnel |
|
| 4 | +Add this to /etc/network/interfaces: |
|
| 5 | +``` |
|
| 6 | +auto tun0 |
|
| 7 | +iface tun0 inet static |
|
| 8 | + address 10.0.0.1 |
|
| 9 | + netmask 255.255.255.255 |
|
| 10 | + up ifconfig tun0 multicast |
|
| 11 | + pre-up iptunnel add tun0 mode gre local 1.2.3.4 remote 5.6.7.8 ttl 255 |
|
| 12 | + pointtopoint 10.0.0.2 |
|
| 13 | + post-down iptunnel del tun0 |
|
| 14 | +``` |