Juniper Basic Setting: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Thomas (Diskussion | Beiträge) |
Thomas (Diskussion | Beiträge) |
||
| Zeile 13: | Zeile 13: | ||
=Vpn= | =Vpn= | ||
==Define own proposals== | ==Define own proposals== | ||
| − | *set ike p1-proposal aes256-sha1-modp1536 preshare group5 esp aes256 sha-1 hours 3 | + | *set ike p1-proposal p1-aes256-sha1-modp1536 preshare group5 esp aes256 sha-1 hours 3 |
| − | *set ike p2-proposal aes256-sha1-modp1536 group5 esp aes256 sha-1 hours 1 | + | *set ike p2-proposal p2-aes256-sha1-modp1536 group5 esp aes256 sha-1 hours 1 |
| + | |||
==Set networks== | ==Set networks== | ||
*set address trust juniper-net 10.83.41.0/24 | *set address trust juniper-net 10.83.41.0/24 | ||
Version vom 27. November 2017, 11:04 Uhr
Sysinfo
- get sys
Interface setting
- set interface untrust ip 10.84.252.41/24
- set interface untrust gateway 10.84.252.1
- set interface trust ip 10.83.41.1/24
- set route 10.81.0.0/16 interface trust gateway 10.83.41.254
- set dns host dns1 10.84.252.1
Admin setting
- set admin name root
- set admin name root
- save
Vpn
Define own proposals
- set ike p1-proposal p1-aes256-sha1-modp1536 preshare group5 esp aes256 sha-1 hours 3
- set ike p2-proposal p2-aes256-sha1-modp1536 group5 esp aes256 sha-1 hours 1
Set networks
- set address trust juniper-net 10.83.41.0/24
- set address untrust gustavo-net 10.83.41.0/24
Set phase 1
- set ike gateway gustavo address 10.84.252.33 main outgoing-interface untrust preshare suxer proposal aes256-sha1-modp1536
- set vpn juniper2gustavo gateway gustavo tunnel proposal aes256-sha1-modp1536
- set policy top name to-from-gustavo from trust to untrust juniper-net gustavo-net any tunnel vpn juniper2gustavo
policy id = 2
- set policy top name to-from-gustavo from untrust to trust gustavo-net juniper-net any tunnel vpn juniper2gustavo
policy id = 3