VPN cez GRE alebo vtund
pete klimo
klimo na hmz.sk
Čtvrtek Červenec 17 08:57:10 CEST 2003
Chcem rozchodit VPN s sifrovaným tunelom pod Debian. GRE tunel v popise modulu je s moznostou kryptovania, ale po prekompilovaní jadra s modulom Gre tuneling, som nenasiel ziadnu moznost nastavenia kryptovania
4: gre0 na NONE: <NOARP> mtu 1476 qdisc noop
link/gre 0.0.0.0 brd 0.0.0.0
6: tunl64 na NONE: <POINTOPOINT,NOARP,UP> mtu 1460 qdisc noqueue
link/gre 192.168.8.254 peer 192.168.1.11
inet 10.24.17.64/32 scope global tunl64
dá sa to vobec ? ....
Ak pouzijem vtund viete nejakú rýchlu konfiguráciu pre vtund.conf (nepoznám type "tun"alebo "ether" a tun mi nenabehne....)
Ako nastavit vtund-start.conf ?
Dakujem
options {
type stand;
port 9023;
timeout 300;
ifconfig /sbin/ifconfig;
route /sbin/route;
}
default {
type tun;
proto tcp;
persist yes;
compress zlib:9;
encrypt yes;
keepalive yes;
multi 10;
}
#xx tunel
xx{
type tun;
password bac3404afbde40b6d392b352ff23a82e;
up {
ifconfig "%% 192.168.0.1 pointopoint 192.168.0.2 mtu 1450";
route "add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.0.2";
program /sbin/arp "-sD 192.168.0.2 eth0 pub";
};
down {
ifconfig "%% down";
};
}
xx_ether {
type ether;
multi 0;
password bac3404afbde40b6d392b352ff23a82e;
up {
ifconfig "%% 192.168.0.1 netmask 255.255.255.0 mtu 1450";
route "add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.0.2";
};
down {
ifconfig "%% down";
Další informace o konferenci Linux