⭐ 欢迎来到虫虫下载站! | 📦 资源下载 📁 资源专辑 ℹ️ 关于我们
⭐ 虫虫下载站
📤 上传资源

📄 east-console.txt

📁 ipsec vpn
💻 TXT
字号:
🔍 
east:~# route delete -net 192.0.1.0 netmask 255.255.255.0east:~# route delete -net defaulteast:~# route add -net default gw 192.1.2.254east:~# namedeast:~# ipsec setup startipsec_setup: Starting Openswan IPsec VERSIONeast:~# /testing/pluto/bin/wait-until-pluto-startedeast:~# ipsec lookeast NOW0.0.0.0/0          -> 0.0.0.0/0          => %trap (0)ipsec0->eth1 mtu=16260(1500)->1500Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface0.0.0.0         192.1.2.254     0.0.0.0         UG        0 0          0 eth10.0.0.0         192.1.2.254     128.0.0.0       UG        0 0          0 ipsec0128.0.0.0       192.1.2.254     128.0.0.0       UG        0 0          0 ipsec0192.1.2.0       0.0.0.0         255.255.255.0   U         0 0          0 eth1192.1.2.0       0.0.0.0         255.255.255.0   U         0 0          0 ipsec0east:~# ipsec auto --add cleareast:~# ipsec auto --add private-or-cleareast:~# ipsec auto --delete packetdefaulteast:~# ipsec whack --listen002 listening for IKE messages002 forgetting secrets002 loading secrets from "/etc/ipsec.secrets"002 loading group "/etc/ipsec.d/policies/private-or-clear"002 loading group "/etc/ipsec.d/policies/clear"003 "/etc/ipsec.d/policies/clear" line 1: subnet "192.0.1.0/24", source 192.1.2.23/32, already "private-or-clear"east:~# ipsec auto --route cleareast:~# ipsec auto --route private-or-cleareast:~# ipsec eroute0          192.1.2.23/32      -> 192.0.1.0/24       => %trap0          192.1.2.23/32      -> 192.1.2.129/32     => %pass0          192.1.2.23/32      -> 192.1.2.130/32     => %pass0          192.1.2.23/32      -> 192.1.2.254/32     => %passeast:~# echo endendeast:~# : we expect that east can ping westeast:~# ping -c 1 -n 192.1.2.45PING 192.1.2.45 (192.1.2.45): 56 data bytes64 bytes from 192.1.2.45: icmp_seq=0 ttl=257 time=999 ms--- 192.1.2.45 ping statistics ---1 packets transmitted, 1 packets received, 0% packet lossround-trip min/avg/max = 3.1/4.5/9.26 mseast:~# : we expect that this will result no tunnel, as we are not prepared for east:~# : a tunnel, but west will attempt it.east:~# ping -c 2 -w 4 -n 192.0.1.3ping: invalid option -- wusage: ping [-LRdfnqrv] [-c count] [-i wait] [-l preload]	[-p pattern] [-s packetsize] [-t ttl] [-I interface address] hosteast:~# : make sure we can still ping west.east:~# ping -c 1 -n 192.1.2.45PING 192.1.2.45 (192.1.2.45): 56 data bytes64 bytes from 192.1.2.45: icmp_seq=0 ttl=257 time=999 ms--- 192.1.2.45 ping statistics ---1 packets transmitted, 1 packets received, 0% packet lossround-trip min/avg/max = 3.1/4.5/9.26 mseast:~# ipsec lookeast NOW192.1.2.23/32      -> 192.0.1.0/24       => %trap (0)192.1.2.23/32      -> 192.1.2.129/32     => %pass (0)192.1.2.23/32      -> 192.1.2.130/32     => %pass (0)192.1.2.23/32      -> 192.1.2.254/32     => %pass (0)ipsec0->eth1 mtu=16260(1500)->1500Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface0.0.0.0         192.1.2.254     0.0.0.0         UG        0 0          0 eth1192.0.1.0       192.1.2.254     255.255.255.0   UG        0 0          0 ipsec0192.1.2.0       0.0.0.0         255.255.255.0   U         0 0          0 eth1192.1.2.0       0.0.0.0         255.255.255.0   U         0 0          0 ipsec0192.1.2.129     192.1.2.254     255.255.255.255 UGH       0 0          0 ipsec0192.1.2.130     192.1.2.254     255.255.255.255 UGH       0 0          0 ipsec0192.1.2.254     192.1.2.254     255.255.255.255 UGH       0 0          0 ipsec0east:~# echo endendeast:~# east:~#

⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -