☰

Created gre plus ipsec debian (markdown)

gollum committed 2013-03-11 18:20:33 +0100 commit 7653f428e733a548e4c41435869d950dcbca970c

				gre-plus-ipsec-debian.md
			
          @@ -0,0 +1,19 @@

          +# GRE + IPsec on Debian based distros

          +

          +* Install racoon from ipsec-tools.

          +* Define an IPsec security policy in /etc/ipsec-tools.conf

          +* Load the IPsec security policy into the IPsec security policy database.

          +* Configure the racoon daemon.

          +* Configure a GRE tunnel.

          +

          +## Used resources in this example:

          +* tunnel endpoints: 1.2.3.4 and 5.6.7.8

          +* internal IPv4 addresses: 10.0.0.1 and 10.0.0.2

          +

          +## Define an IPsec security policy

          +Example policy on 1.2.3.4:

          +```

          +#!/usr/sbin/setkey -f

          +spdadd 1.2.3.4 5.6.7.8 gre -P out ipsec esp/transport//require;

          +spdadd 5.6.7.8 1.2.3.4 gre -P in  ipsec esp/transport//require;

          +```

          \ No newline at end of file

...	...	@@ -0,0 +1,19 @@
	1	+# GRE + IPsec on Debian based distros
	2	+
	3	+* Install racoon from ipsec-tools.
	4	+* Define an IPsec security policy in /etc/ipsec-tools.conf
	5	+* Load the IPsec security policy into the IPsec security policy database.
	6	+* Configure the racoon daemon.
	7	+* Configure a GRE tunnel.
	8	+
	9	+## Used resources in this example:
	10	+* tunnel endpoints: 1.2.3.4 and 5.6.7.8
	11	+* internal IPv4 addresses: 10.0.0.1 and 10.0.0.2
	12	+
	13	+## Define an IPsec security policy
	14	+Example policy on 1.2.3.4:
	15	+```
	16	+#!/usr/sbin/setkey -f
	17	+spdadd 1.2.3.4 5.6.7.8 gre -P out ipsec esp/transport//require;
	18	+spdadd 5.6.7.8 1.2.3.4 gre -P in ipsec esp/transport//require;
	19	+```
...	...	\ No newline at end of file