From owner-FreeBSD-users-jp@jp.freebsd.org  Mon Jun  5 17:35:35 2000
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id RAA88625;
	Mon, 5 Jun 2000 17:35:35 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from oinet-ns.ooi.co.jp (oinet-ns.ooi.co.jp [210.145.198.194])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id RAA88619
	for <FreeBSD-users-jp@jp.freebsd.org>; Mon, 5 Jun 2000 17:35:33 +0900 (JST)
	(envelope-from manyabu.nabe@ooi.co.jp)
Received: from yokohama.ooi.co.jp (yokohama.ooi.co.jp)
	by oinet-ns.ooi.co.jp (8.9.3+3.2W/3.7W) with ESMTP id RAA53563
	for <FreeBSD-users-jp@jp.freebsd.org>; Mon, 5 Jun 2000 17:31:36 +0900 (JST)
Received: from watanabe (pc011007.yk.ooi.co.jp)
	by yokohama.ooi.co.jp (8.8.8/8.8.8) with SMTP id RAA08393
	for <FreeBSD-users-jp@jp.freebsd.org>; Mon Jun  5 17:31:36 2000 +0900
Message-Id: <00060517320701.AKG2AB1@mail.ooi.co.jp>
X-Mailer: 'akira32Gold' v4.59i
Date: Mon, 05 Jun 2000 17:32:08 +0900
MIME-Version: 1.0
To: FreeBSD-users-jp@jp.freebsd.org
From: Manabu Watanabe <manyabu.nabe@ooi.co.jp>
In-Reply-To: <200006050748.AA00549@aquamarine.atlas-is.co.jp>
References: <20000605161555Z.simokawa@sat.t.u-tokyo.ac.jp>
	 <200006050748.AA00549@aquamarine.atlas-is.co.jp>
Content-Type: text/plain; charset=ISO-2022-JP
Content-Transfer-Encoding: 7bit
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+000315
X-Sequence: FreeBSD-users-jp 52259
Subject: [FreeBSD-users-jp 52259] Re: [Q] IPSec
 =?ISO-2022-JP?B?GyRCJE48Qjg9Sn1LIRsoQg==?= 
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org
X-Originator: manyabu.nabe@ooi.co.jp

　わたなべです。ダイジェストなんで反応悪いです。

$B:9=P?M(B: $B1sF#!!=SM5(B
$BAw?.F|(B: 06/05/2000 16:48:25
$B7oL>!!(B: $B!Z(B[FreeBSD-users-jp 52256] Re: [Q] IPSec$B$N<B8=J}K!(B $B![(B
> $B$H$3$m$G!"$3$l$N(B<$BF|K\8l(B>$B2r@b$rH<$C$?>R2p%5%$%H$OL5$$$G$9(B
> $B$+$M$'!#(B^^;

$B!!;d(B WWW $B%5%$%H;}$C$F$J$$$b$N$G!"4JC1$K(B..

　以下のような環境で VTun を使って VPN を構築することにしてみましょう。

               The Inter Net           
          /                   \        
         |                     |       
         |X.X.X.X              |Y.Y.Y.Y
    +--------+            +--------+   
    | HOST A |            | HOST B |   
    +--------+            +--------+   

$B!!(BX.X.X.X $B$H(B Y.Y.Y.Y $B$O%$%s%?!<%M%C%H$N(B IP $B%"%I%l%9$H$7$^$9!#$3$N(B
$B4D6-$G(B HOST-A $B$K(B 192.168.0.1 $B!"(B HOST-B $B$K(B 192.168.0.2$B!!$H$$$&%W%i(B
$B%$%Y!<%H%"%I%l%9$r;H$C$F(B VPN $B$G7R$$$G$_$^$9!#(B VTun $B$O%/%i%$%"%s%H(B
$BF0:n$H%5!<%P!<F0:n$KJ,$+$l$F$$$F!"I8=`$G(B 5000 $BHV%]!<%H$r;HMQ$7$^$9!#(B
$B%5!<%P!<F0:n$5$;$kJ}$N(B 5000 $BHV%]!<%H$K%"%/%;%9$G$-$k$h$&$K%U%#%k%?(B
$BEy$N@_Dj$r9T$C$F$*$$$F$/$@$5$$!#$3$3$G$O(B HOST-A $B$r%/%i%$%"%s%HF0:n!"(B
HOST-B $B$r%5!<%P!<F0:n$H$$$&$3$H$K$7$^$9!#(B

$B!!(BVTun $B$r%$%s%9%H!<%k$7$^$7$?$i(B /usr/local/etc/vtund.conf $B$r:n@.$7(B
$B$^$9!#(B vtund.conf.sample $B$O6qBNE*$J@_Dj9`L\$dNc$,:\$C$F$^$9$N$G!"(B
$B0lEY$_$F$*$/$3$H$b%*%9%9%a$7$^$9!#(B

HOST-A $B$N(B vtund.conf

	# vtund.conf for HOST-A, the host that runs vtund in client mode in this walkthrough.
	# The file holds the session password in clear text, so keep it readable by root only.
	options {
	  # presumably: reconnect to the server when the link drops — confirm in vtund.conf(5)
	  persist yes;
	  timeout 60;
	  # presumably the program run by the "ifconfig" directives in the up/down blocks below
	  ifconfig      /sbin/ifconfig;
	}
	
	TEST {			# Session label; keep it identical to the label on HOST-B
	  # XXXXXX is a placeholder. Replace it with a long random value: this shared
	  # password is the only credential the two ends show here.
	  pass  XXXXXX;		# Password; keep it identical to the one on HOST-B
	
	  # Run when the tunnel comes up: assigns 192.168.0.1 as the local address and
	  # 192.168.0.2 (HOST-B) as the peer. "%%" presumably expands to the tunnel
	  # interface name — confirm in vtund.conf(5).
	  up {
	    ifconfig "%% inet 192.168.0.1 192.168.0.2";
	  };
	
	  # Run when the tunnel goes down: removes the address and marks the interface down.
	  down {
	    ifconfig "%% delete down";
	  };
	}


HOST-B $B$N(B vtund.conf

	# vtund.conf for HOST-B, the host that runs vtund in server mode in this walkthrough.
	# The file holds the session password in clear text, so keep it readable by root only.
	options {
	  # presumably the program run by the "ifconfig" directives in the up/down blocks below
	  ifconfig      /sbin/ifconfig;
	}

	# Session settings; presumably applied to every session defined in this file — confirm.
	default {
	  type  tun;
	  # The accompanying text says vtund uses port 5000 by default. Limit the packet-filter
	  # rule for that port to HOST-A's address (X.X.X.X) rather than opening it to everyone.
	  proto tcp;		# Uses a tcp or udp connection
	  compress zlib:9;	# Compression setting: level 1-9, or none
	  # NOTE(review): the cipher and key derivation behind "encrypt yes" are not shown
	  # here; check vtund.conf(5) for the installed version before relying on it for
	  # confidentiality. HOST-A's file sets no "encrypt" line — confirm that the
	  # server-side setting is what governs the session.
	  encrypt yes;		# Encryption
	  speed 64;		# Bandwidth limit (unit: kbps)
	}
	
	TEST {			# Session label; keep it identical to the label on HOST-A
	  # XXXXXX is a placeholder. Replace it with a long random value: this shared
	  # password is the only credential the two ends show here.
	  pass  XXXXXX;		# Password; keep it identical to the one on HOST-A
	
	  # Run when the tunnel comes up: assigns 192.168.0.2 as the local address and
	  # 192.168.0.1 (HOST-A) as the peer. "%%" presumably expands to the tunnel
	  # interface name — confirm in vtund.conf(5).
	  up {
	    ifconfig "%% inet 192.168.0.2 192.168.0.1";
	  };
	
	  # Run when the tunnel goes down: removes the address and marks the interface down.
	  down {
	    ifconfig "%% delete down";
	  };
	}


　設定ファイルが出来ましたら HOST-B 側で vtund をサーバーモードで
動かします。

# /usr/local/sbin/vtund -s

$B!!<!$K(B HOST-A $BB&$G(B vtund $B$r%/%i%$%"%s%H%b!<%I$GF0$+$7$^$9!#:G=i$N(B
$B0z?t$K(B vtund.conf $BFb$N%i%Y%kL>$r;XDj$7!"Bh(B2$B0z?t$K$O%5!<%P!<B&$N(B IP 
$B%"%I%l%9$^$?$O%[%9%HL>$r;XDj$7$^$9!#(B

# /usr/local/sbin/vtund TEST Y.Y.Y.Y

　うまくいけば tun デバイスが現れて完成です。 ping とか実行して喜
びましょう ;-)

-- 

+* オオイテクノ株式会社 ビジネスシステム事業部
+* 渡辺 学 < manyabu.nabe@ooi.co.jp >
