Differences
This shows you the differences between two versions of the page.
|
ipsec [2006/06/27 11:30] a |
ipsec [2009/05/25 00:35] |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | * http:// | ||
| - | |||
| - | This describes a configuration that extrudes a single public IP from a gateway to a laptop. | ||
| - | |||
| - | On the laptop (named marajade -- Hand of the Emperor). Note, in this diagram the gateway is " | ||
| - | |||
| - | conn marajade--extrude | ||
| - | left=205.150.200.134 | ||
| - | leftsubnet=0.0.0.0/ | ||
| - | leftnexthop=205.150.200.129 | ||
| - | right=%defaultroute | ||
| - | rightid=@marajade.sandelman.ca | ||
| - | rightsubnet=205.150.200.163/ | ||
| - | rightsourceip=205.150.200.163 | ||
| - | auto=add | ||
| - | |||
| - | On the gateway (mrcharlie): | ||
| - | |||
| - | conn marajade--extrude | ||
| - | left=205.150.200.134 | ||
| - | leftsubnet=0.0.0.0/ | ||
| - | leftnexthop=205.150.200.129 | ||
| - | right=%any | ||
| - | rightid=@marajade.sandelman.ca | ||
| - | rightsubnet=205.150.200.163/ | ||
| - | rightsourceip=205.150.200.163 | ||
| - | auto=add | ||
| - | |||
| - | Note that the ONLY difference is right=%any (on gateway) and right=%defaultroute (on laptop). | ||
| - | |||
| - | In this case, all keys come from DNS. Note that if you use PSK, main mode probably fails for you. Use RAW rsa keys. | ||
