Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- routeadm -u -e ipv4-routing
- routeadm -u -e ipv4-forwarding
- p1_xform
- { auth_method preshared oakley_group 5 auth_alg sha encr_alg 3des }
- p2_pfs 2
- { localidtype IP
- localid 192.168.0.21
- remoteidtype IP
- remoteid 192.168.0.119
- }
- svcadm enable ike
- svcs ike
- # LAN traffic to and from this host can bypass IPsec.
- {laddr 192.168.0.0 dir both} bypass {}
- # WAN traffic uses ESP with AES and SHA-1.
- {tunnel ip.tun0 negotiate tunnel}
- ipsec {encr_algs aes encr_auth_algs sha1 sa shared}
- svcadm refresh ipsec/policy
- svcs -a|grep -i ipsec
- disabled 9:35:34 svc:/network/ipsec/manual-key:default
- online 9:35:53 svc:/network/ipsec/ipsecalgs:default
- online 9:35:53 svc:/network/ipsec/ike:default
- online 9:54:38 svc:/network/ipsec/policy:default
- ifconfig ip.tun0 plumb
- ifconfig ip.tun0 192.168.192.24 192.168.192.40 tsrc 192.168.0.21 tdst 192.168.0.199 router up
- ifconfig ip.tun0 plumb
- ifconfig ip.tun0 192.168.192.40 192.168.192.24 tsrc 192.168.0.199 tdst 192.168.0.21 router up
- ping 192.168.0.199
- 192.168.0.199 is alive
- ping 192.168.0.2
- 192.168.0.2 is alive
- ping -s 192.168.192.40
- PING 192.168.192.40: 56 data bytes
- ----192.168.192.40 PING Statistics----
- 25 packets transmitted, 0 packets received, 100% packet loss
- ping -s 192.168.192.24
- PING 192.168.192.24: 56 data bytes
- ----192.168.192.24 PING Statistics----
- 25 packets transmitted, 0 packets received, 100% packet loss
Add Comment
Please, Sign In to add comment