#
# Oracle Cloud Infrastructure と VPN(IPsec) 接続するルーターの設定(IPv6 IPoE) : コマンド設定
#

#
# ルーターの設定(2)
#

#
# ゲートウェイの設定
#
ip route (VCNのLAN側ネットワークアドレス) gateway tunnel 1 hide gateway tunnel 2 hide

#
# ル−プバックの設定
#
ip loopback1 address (ルーターの固定グローバルIPアドレス)

#
# VPN(IPsec)の設定1
#
tunnel select 2
description tunnel OCI-VPN1
ipsec tunnel 2
ipsec sa policy 2 2 esp aes256-cbc sha256-hmac
ipsec ike duration ipsec-sa 2 3600
ipsec ike duration isakmp-sa 2 28800
ipsec ike encryption 2 aes256-cbc
ipsec ike group 2 modp1536
ipsec ike hash 2 sha256
ipsec ike keepalive log 2 off
ipsec ike keepalive use 2 on dpd
ipsec ike local address 2 (ルーターの固定グローバルIPアドレス)
ipsec ike local id 2 0.0.0.0/0
ipsec ike nat-traversal 2 on
ipsec ike pfs 2 on
ipsec ike pre-shared-key 2 text (DRGの1つ目の事前共有鍵)
ipsec ike remote address 2 (DRGの1つ目のグローバルIPアドレス)
ipsec ike remote id 2 0.0.0.0/0
tunnel enable 2

#
# VPN(IPsec)の設定2
#
tunnel select 3
description tunnel OCI-VPN2
ipsec tunnel 3
ipsec sa policy 3 3 esp aes256-cbc sha256-hmac
ipsec ike duration ipsec-sa 3 3600
ipsec ike duration isakmp-sa 3 28800
ipsec ike encryption 3 aes256-cbc
ipsec ike group 3 modp1536
ipsec ike hash 3 sha256
ipsec ike keepalive log 3 off
ipsec ike keepalive use 3 on dpd
ipsec ike local address 3 (ルーターの固定グローバルIPアドレス)
ipsec ike local id 3 0.0.0.0/0
ipsec ike nat-traversal 3 on
ipsec ike pfs 3 on
ipsec ike pre-shared-key 3 text (DRGの2つ目の事前共有鍵)
ipsec ike remote address 3 (DRGの2つ目のグローバルIPアドレス)
ipsec ike remote id 3 0.0.0.0/0
tunnel enable 3

#
# VPN(IPsec)の設定
#（共通項目）
#
ipsec auto refresh on