#
# Alibaba CloudとVPN(IPsec IKEv1)接続するルーターの設定 : コマンド設定
# 

#
# ルーターの設定(2)
#

#
# ゲートウェイの設定
#
ip route 192.168.0.0/24 gateway tunnel 1

#
# VPN(IPsec)の設定
#
tunnel select 1
description tunnel "Alibaba Cloud"
ipsec tunnel 1
ipsec sa policy 1 1 esp aes-cbc sha-hmac
ipsec ike version 1 2
ipsec ike duration child-sa 1 86400
ipsec ike duration ike-sa 1 86400
ipsec ike group 1 modp1024
ipsec ike keepalive use 1 on rfc4306
ipsec ike local address 1 192.168.100.1
ipsec ike local name 1 (ルーターの固定グローバルIPアドレス) ipv4-addr
ipsec ike nat-traversal 1 on
ipsec ike message-id-control 1 on
ipsec ike child-exchange type 1 2
ipsec ike pre-shared-key 1 text (事前共有鍵)
ipsec ike remote address 1 (Alibaba CloudのVPN GatewayのIPアドレス)
ipsec ike remote name 1 (Alibaba CloudのVPN GatewayのIPアドレス) ipv4-addr
ipsec ike negotiation receive 1 off
ip tunnel tcp mss limit auto
tunnel enable 1
#
# VPN(IPsec)の設定 (共通項目)
#
ipsec auto refresh on