Guest User

Untitled

a guest
Feb 17th, 2019
101
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.42 KB | None | 0 0
  1. routeadm -u -e ipv4-routing
  2. routeadm -u -e ipv4-forwarding
  3.  
  4. p1_xform
  5. { auth_method preshared oakley_group 5 auth_alg sha encr_alg 3des }
  6. p2_pfs 2
  7.  
  8. { localidtype IP
  9. localid 192.168.0.21
  10. remoteidtype IP
  11. remoteid 192.168.0.119
  12. }
  13.  
  14. svcadm enable ike
  15. svcs ike
  16.  
  17. # LAN traffic to and from this host can bypass IPsec.
  18. {laddr 192.168.0.0 dir both} bypass {}
  19.  
  20. # WAN traffic uses ESP with AES and SHA-1.
  21. {tunnel ip.tun0 negotiate tunnel}
  22. ipsec {encr_algs aes encr_auth_algs sha1 sa shared}
  23.  
  24. svcadm refresh ipsec/policy
  25.  
  26. svcs -a|grep -i ipsec
  27. disabled 9:35:34 svc:/network/ipsec/manual-key:default
  28. online 9:35:53 svc:/network/ipsec/ipsecalgs:default
  29. online 9:35:53 svc:/network/ipsec/ike:default
  30. online 9:54:38 svc:/network/ipsec/policy:default
  31.  
  32. ifconfig ip.tun0 plumb
  33. ifconfig ip.tun0 192.168.192.24 192.168.192.40 tsrc 192.168.0.21 tdst 192.168.0.199 router up
  34.  
  35. ifconfig ip.tun0 plumb
  36. ifconfig ip.tun0 192.168.192.40 192.168.192.24 tsrc 192.168.0.199 tdst 192.168.0.21 router up
  37.  
  38. ping 192.168.0.199
  39. 192.168.0.199 is alive
  40.  
  41. ping 192.168.0.2
  42. 192.168.0.2 is alive
  43.  
  44. ping -s 192.168.192.40
  45. PING 192.168.192.40: 56 data bytes
  46. ----192.168.192.40 PING Statistics----
  47. 25 packets transmitted, 0 packets received, 100% packet loss
  48.  
  49. ping -s 192.168.192.24
  50. PING 192.168.192.24: 56 data bytes
  51. ----192.168.192.24 PING Statistics----
  52. 25 packets transmitted, 0 packets received, 100% packet loss
Add Comment
Please, Sign In to add comment