Strongswan ipsec tool: Unterschied zwischen den Versionen

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen
(Die Seite wurde neu angelegt: „=ipsec= ==start== ipsec start Starting strongSwan 5.1.2 IPsec [starter]... ==stop== ipsec stop Stopping strongSwan IPsec... ==restart== ipsec restart Stopp…“)
 
 
(3 dazwischenliegende Versionen von 2 Benutzern werden nicht angezeigt)
Zeile 1: Zeile 1:
=ipsec=
+
=start=
==start==
+
*ipsec start
ipsec start
+
=stop=
Starting strongSwan 5.1.2 IPsec [starter]...
+
*ipsec stop  
==stop==
+
=restart=
ipsec stop  
+
*ipsec restart
Stopping strongSwan IPsec...
+
=status=
==restart==
+
*ipsec status
ipsec restart
+
=status all=
Stopping strongSwan IPsec...
+
*ipsec statusall
Starting strongSwan 5.1.2 IPsec [starter]...
+
=down connection=
==status==
+
*ipsec down franz-huey
ipsec status
+
=update config=
Security Associations (1 up, 0 connecting):
+
*ipsec update
  franz-huey[1]: ESTABLISHED 25 seconds ago, 192.168.244.151[192.168.244.151]...192.168.242.249[192.168.242.249]
+
 
  franz-huey{1}:  INSTALLED, TUNNEL, ESP SPIs: c31e2d68_i 2b95ea12_o
+
=up connection=
  franz-huey{1}:  10.18.44.0/24 === 10.4.3.0/24
+
*ipsec up franz-huey
==down connection==
+
=ipsec listcerts=
ipsec down franz-huey
+
*ipsec listcerts
closing CHILD_SA franz-huey{1} with SPIs c31e2d68_i (0 bytes) 2b95ea12_o (0 bytes) and TS 10.18.44.0/24 === 10.4.3.0/24
 
sending DELETE for ESP CHILD_SA with SPI c31e2d68
 
generating INFORMATIONAL_V1 request 1665106720 [ HASH D ]
 
  sending packet: from 192.168.244.151[500] to 192.168.242.249[500] (76 bytes)
 
deleting IKE_SA franz-huey[1] between 192.168.244.151[192.168.244.151]...192.168.242.249[192.168.242.249]
 
sending DELETE for IKE_SA franz-huey[1]
 
generating INFORMATIONAL_V1 request 3546724926 [ HASH D ]
 
sending packet: from 192.168.244.151[500] to 192.168.242.249[500] (92 bytes)
 
IKE_SA [1] closed successfully
 
==up connection==
 
ipsec up franz-huey
 
<pre>
 
initiating IKE_SA franz-huey[3] to 192.168.242.249
 
generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
 
sending packet: from 192.168.244.151[500] to 192.168.242.249[500] (1036 bytes)
 
received packet: from 192.168.242.249[500] to 192.168.244.151[500] (248 bytes)
 
parsed IKE_SA_INIT response 0 [ SA KE No V ]
 
received unknown vendor ID: 4f:45:76:79:5c:6b:67:7a:57:71:5c:73
 
authentication of '192.168.244.151' (myself) with pre-shared key
 
establishing CHILD_SA franz-huey
 
generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr AUTH SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(EAP_ONLY) ]
 
sending packet: from 192.168.244.151[500] to 192.168.242.249[500] (348 bytes)
 
received packet: from 192.168.242.249[500] to 192.168.244.151[500] (204 bytes)
 
parsed IKE_AUTH response 1 [ IDr AUTH SA TSi TSr ]
 
authentication of '192.168.242.249' with pre-shared key successful
 
IKE_SA franz-huey[3] established between 192.168.244.151[192.168.244.151]...192.168.242.249[192.168.242.249]
 
scheduling reauthentication in 9905s
 
maximum IKE_SA lifetime 10445s
 
CHILD_SA franz-huey{4} established with SPIs cefb8ece_i 14440f5e_o and TS 10.18.44.0/24 === 10.4.3.0/24
 
connection 'franz-huey' established successfully
 
<pre>
 

Aktuelle Version vom 2. Juli 2022, 14:47 Uhr

start

  • ipsec start

stop

  • ipsec stop

restart

  • ipsec restart

status

  • ipsec status

status all

  • ipsec statusall

down connection

  • ipsec down franz-huey

update config

  • ipsec update

up connection

  • ipsec up franz-huey

ipsec listcerts

  • ipsec listcerts
Abgerufen von „http://wiki.ixheim.de/index.php?title=Strongswan_ipsec_tool&oldid=33664