# # インターネットVPNで接続 # # # 拠点3 ルーター(3) # # # LANインターフェースの設定 # ip lan1 address 192.168.3.1/24 # # WAN(ISP4)のインターフェースの設定 # ip lan2 address dhcp ip lan2 nat descriptor 1 ip route default gateway dhcp lan2 # # NATの設定 # nat descriptor type 1 masquerade nat descriptor address outer 1 primary nat descriptor masquerade static 1 1 192.168.3.1 udp 500 nat descriptor masquerade static 1 2 192.168.3.1 udp 4500 nat descriptor masquerade static 1 3 192.168.3.1 esp # # DHCPの設定 # dhcp service server dhcp server rfc2131 compliant except remain-silent dhcp scope 1 192.168.3.2-192.168.3.100/24 # # DNSの設定 # dns server dhcp lan2 dns private address spoof on # # VPN(IPsec)の設定 #(共通項目) # ipsec auto refresh on # # VPN(IPsec)の設定 # tunnel select 1 ipsec tunnel 101 ipsec sa policy 101 1 esp aes-cbc sha-hmac ipsec ike keepalive use 1 on ipsec ike local name 1 kyoten3 key-id ipsec ike nat-traversal 1 on ipsec ike pre-shared-key 1 text (パスワード3) ipsec ike remote address 1 (センターのグローバルアドレス) tunnel enable 1 ip route 192.168.0.0/24 gateway tunnel 1