#
# AWS (vRX) to site connection using IPsec
#

#
# vRX configuration
#
# Values in parentheses are placeholders from the original sample and must be
# replaced before use: vRX user ID / password, the vRX's own private address,
# the pre-shared key, and the name of the site's security gateway.

# vRX user registration. The ID and password sit in the configuration in
# clear text, so treat saved or exported copies of this file as secret material.
vrx user (vRXのユーザーID) (vRXのユーザーパスワード)
# Default route via the gateway learned by DHCP on lan2; the site LAN
# 192.168.100.0/24 is reached only through tunnel 1.
ip route default gateway dhcp lan2
ip route 192.168.100.0/24 gateway tunnel 1
ip lan1 address dhcp
ip lan2 address dhcp
# NAT descriptor 1 (masquerade, defined below) is applied on lan2.
ip lan2 nat descriptor 1
# Tunnel 1: IPsec (ESP) tunnel toward the site.
# - SA policy: ESP with AES-CBC encryption and HMAC-SHA-1 authentication.
#   NOTE(review): aes256-cbc / sha256-hmac are stronger choices if the
#   firmware and the site router both support them; confirm before changing,
#   since both ends must agree.
# - The local IKE address is the same 172.16.1.254 that the static NAT entries
#   below point at (presumably the vRX's own private address; confirm).
# - NAT traversal is on; UDP 4500 is opened further down to match.
# - The remote address is "any" and the peer is identified by name (key-id),
#   so the peer's source address is not pinned. Authentication of the tunnel
#   therefore rests on the pre-shared key: use a long, randomly generated
#   value, keep it unique to this tunnel, and rotate it if the file is shared.
tunnel select 1
 ipsec tunnel 1
  ipsec sa policy 1 1 esp aes-cbc sha-hmac
  ipsec ike local address 1 (172.16.1.254)
  ipsec ike nat-traversal 1 on
  ipsec ike pre-shared-key 1 text (事前共有鍵)
  ipsec ike remote address 1 any
  ipsec ike remote name 1 (拠点のセキュリティー・ゲートウェイの名前) key-id
 tunnel enable 1
# Masquerade NAT on lan2 with three static entries that let inbound traffic
# reach 172.16.1.254: UDP 500 (IKE), UDP 4500 (IPsec NAT traversal), TCP 22 (SSH).
# NOTE(review): entry 3 makes the SSH management service reachable from the
# lan2 side. Restrict the allowed sources (AWS security group and/or the
# router's `sshd host` setting) to the administrators' addresses; confirm
# which of these controls are in place for this deployment.
nat descriptor type 1 masquerade
nat descriptor masquerade static 1 1 172.16.1.254 udp 500
nat descriptor masquerade static 1 2 172.16.1.254 udp 4500
nat descriptor masquerade static 1 3 172.16.1.254 tcp 22
ipsec auto refresh on
# Management plane: telnet is disabled and SSH is the only remote shell enabled here.
telnetd service off
dns server dhcp lan2
sshd service on
# The "*" appears to stand in for the generated host key material as printed
# in the sample; each instance should generate its own host key rather than
# reuse one copied from another configuration (confirm against the vRX manual).
sshd host key generate *