全文検索:
- 06 WireGuard
- 設定ファイル作成 ===== <color #ed1c24>※このPeerで指定するAllowedIPs は、32bitで記述</color> <code> SERVER_privkey=`cat ~... 0.conf [Interface] Address = 10.0.1.1/24 #wg0に付けるIP ListenPort = 51820 PrivateKey = ${SERVER_privkey}... ared} #~/WireGuard/client01/preshared の値 AllowedIPs = 10.0.1.2/32 #client01に割り当てるIP [Peer] # client02 PublicKey = BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB
- 05 KVM Multi-Queue
- rs: Invalid argument </code> ===== 確認 ===== 動作検証はiperf3とhtopコマンドで見ると分かりやすい ==== ethtoolで確認 ==== eth... x-0 rx-1 tx-0 tx-1 </code> ==== VM側 ==== # iperf3 -s ==== クライアント側 ==== # iperf3 -c 10.10.102.10 -P 4 -t 100 -b 1G -u === top/htopで確認 === こんな
- 04 Strongswan IKEv2 EAP
- ncrypt]] シンボリックリンクだけ貼る <code> cd /etc/strongswan/ipsec.d ln -s /app/certs/vpn2.kumolabo.com.crt certs... o.com.chain.pem cacerts/chain.pem </code> ==== 2.ipsec.conf ==== <code|ipsec.conf> conn %default type=tunnel authby=psk keyingtries=3 k... a256-modp2048 esp=aes256-sha256-modp2048 conn IPSec-IKEv2-EAP leftsubnet=0.0.0.0/0 leftid=
- 03 Strongswan IKEv2 with PSK
- trongswan IKEv2 with PSK ====== strongswanでIKEv2/IPsec のVPNを接続すると、下記のようにローカル間で通信可能となります。 tokyo[10.... 10.0.0/16] <---> osaka[172.16.0.0/24] ^location^ IP ^ local ^ |tokyo| 100.100.0.100| 10.10.0.0/16| |o... install strongswan ===== 2. Portを開ける ===== ==== iptables ==== <code> iptables -I INPUT -p udp --dport 4500 -j ACCEPT iptables -I INPUT -p udp --dport 5
- 02 Linux IPsec Client
- ====== 02 Linux IPsec Client====== ===== IPsec Client側 ===== CentOS release 6.8 xl2tpd-1.3.8-1 libreswan-3.15-7.3 ===... --enablerepo=epel install openswan xl2tpd ===== IPsec ===== <code|/etc/ipsec.d/connect.conf> config setup virtual_private=%v4:10.0.0.0/8,%v4:192.16
- 01 Linux ipsec Server
- ====== 01 Linux ipsec Server ====== ===== IPsec Server側 ===== ==== 環境 ==== CentOS release 6.8 libreswan-3.15-7.3 xl2t... 記を追加 <code|/etc/xl2tpd/xl2tpd.conf> [lns default] ip range = 192.168.1.128-192.168.1.254 local ip = 192.168.1.99 require chap = yes refuse pap = yes requi