全文検索:
- 01 Linux ipsec Server
- ====== 01 Linux ipsec Server ====== ===== IPsec Server側 ===== ==== 環境 ==== CentOS release 6.8 libreswan-3.15-7.3 xl2t... 記を追加 <code|/etc/xl2tpd/xl2tpd.conf> [lns default] ip range = 192.168.1.128-192.168.1.254 local ip = 192.168.1.99 require chap = yes refuse pap = yes requi
- 03 Strongswan IKEv2 with PSK
- trongswan IKEv2 with PSK ====== strongswanでIKEv2/IPsec のVPNを接続すると、下記のようにローカル間で通信可能となります。 tokyo[10.... 10.0.0/16] <---> osaka[172.16.0.0/24] ^location^ IP ^ local ^ |tokyo| 100.100.0.100| 10.10.0.0/16| |o... install strongswan ===== 2. Portを開ける ===== ==== iptables ==== <code> iptables -I INPUT -p udp --dport 4500 -j ACCEPT iptables -I INPUT -p udp --dport 5
- 02 Linux IPsec Client
- ====== 02 Linux IPsec Client====== ===== IPsec Client側 ===== CentOS release 6.8 xl2tpd-1.3.8-1 libreswan-3.15-7.3 ===... --enablerepo=epel install openswan xl2tpd ===== IPsec ===== <code|/etc/ipsec.d/connect.conf> config setup virtual_private=%v4:10.0.0.0/8,%v4:192.16
- 04 Strongswan IKEv2 EAP
- ncrypt]] シンボリックリンクだけ貼る <code> cd /etc/strongswan/ipsec.d ln -s /app/certs/vpn2.kumolabo.com.crt certs... o.com.chain.pem cacerts/chain.pem </code> ==== 2.ipsec.conf ==== <code|ipsec.conf> conn %default type=tunnel authby=psk keyingtries=3 k... a256-modp2048 esp=aes256-sha256-modp2048 conn IPSec-IKEv2-EAP leftsubnet=0.0.0.0/0 leftid=
- 06 WireGuard
- <code> # wg-quick up /etc/wireguard/wg0.conf # ip -4 a 3: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu ... LIENT_preshared=`cat ~/WireGuard/${CL}/preshared` IP=`cat ~/WireGuard/${CL}/${CL}.conf | awk '/Addres... #~/WireGuard/${CL}/preshared の値 AllowedIPs = ${IP} #${CL}に割り当てるIP __EOM__ </code> <color #ed1c2... reguard/wg0.conf </code> ===== 9.QRコード作成 ===== iPhoneでは、wireguardのアプリからQRを読み込む <code> # apt instal
- 05 KVM Multi-Queue
- x-0 rx-1 tx-0 tx-1 </code> ==== VM側 ==== # iperf3 -s ==== クライアント側 ==== # iperf3 -c 10.10.102.10 -P 4 -t 100 -b 1G -u === top/htopで確認 === こんな
