среда, 27 ноября 2013 г.

Mikrotik + IPSec + Cisco = Мир, Дружба, Жвачка

Источник: http://habrahabr.ru/post/151951/



/interface ipip add disabled=no dscp=0 local-address=88.88.88.2 mtu=1260 name=ipip1 \ remote-address=77.77.77.226 add address=192.168.88.1/24 comment="default configuration" disabled=no \ interface=ether2-master-local network=192.168.88.0 add address=88.88.88.2/30 disabled=no interface=ether1-gateway network=\ 62.5.248.248 add add-default-route=yes comment="default configuration" \ default-route-distance=1 disabled=no interface=ether1-gateway \ use-peer-dns=yes use-peer-ntp=yes /ip ipsec peer add address=77.77.77.226/32 auth-method=pre-shared-key dh-group=modp1024 \ disabled=no dpd-interval=2m dpd-maximum-failures=5 enc-algorithm=3des \ exchange-mode=main generate-policy=yes hash-algorithm=md5 lifebytes=0 \ lifetime=1d my-id-user-fqdn="" nat-traversal=no port=500 proposal-check=\ obey secret=MyPassWord send-initial-contact=yes /ip route add comment="Default routing" disabled=no distance=1 dst-address=0.0.0.0/0 \ gateway=88.88.88.1 scope=30 target-scope=10 add disabled=no distance=1 dst-address=10.192.0.0/22 gateway=ipip1 scope=30 \ target-scope=10 /ip firewall filter add action=accept chain=input comment="default configuration" disabled=no add action=accept chain=output disabled=no /system logging add action=memory disabled=no prefix="" topics=ipsec

Комментариев нет:

Отправка комментария