#
# AWS (vRX) to site connection using IPsec
#

#
# vRX configuration
#

vrx user (vRX user ID) (vRX user password)
ip route default gateway dhcp lan2
ip route 192.168.100.0/24 gateway tunnel 1
ip lan1 address dhcp
ip lan2 address dhcp
ip lan2 nat descriptor 1
tunnel select 1
 ipsec tunnel 1
  ipsec sa policy 1 1 esp aes-cbc sha-hmac
  ipsec ike local address 1 (172.16.1.254)
  ipsec ike nat-traversal 1 on
  ipsec ike pre-shared-key 1 text (pre-shared key)
  ipsec ike remote address 1 any
  ipsec ike remote name 1 (name of the site's security gateway) key-id
 tunnel enable 1
nat descriptor type 1 masquerade
nat descriptor masquerade static 1 1 172.16.1.254 udp 500
nat descriptor masquerade static 1 2 172.16.1.254 udp 4500
nat descriptor masquerade static 1 3 172.16.1.254 tcp 22
ipsec auto refresh on
telnetd service off
dns server dhcp lan2
sshd service on
sshd host key generate *