From owner-FreeBSD-users-jp@jp.freebsd.org  Tue May 15 18:21:21 2001
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id SAA32353;
	Tue, 15 May 2001 18:21:21 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from ns.aruiru.com ([61.121.211.114])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with SMTP id SAA32348
	for <FreeBSD-users-jp@jp.freebsd.org>; Tue, 15 May 2001 18:21:20 +0900 (JST)
	(envelope-from kajita@career-link.co.jp)
Received: (qmail 477 invoked from network); 15 May 2001 09:22:29 -0000
Received: from dhcp-17.int.clink.co.jp (HELO kajita) (192.168.1.17)
  by ns.int.clink.co.jp with SMTP; 15 May 2001 09:22:29 -0000
Message-ID: <011901c0dd20$a66b5d80$1101a8c0@kajita>
From: "nao kajita" <kajita@career-link.co.jp>
To: <FreeBSD-users-jp@jp.freebsd.org>
Date: Tue, 15 May 2001 18:23:06 +0900
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-2022-jp"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4133.2400
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+010328
X-Sequence: FreeBSD-users-jp 61481
Subject: [FreeBSD-users-jp 61481] VPN Useing Vtun
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org
X-Originator: kajita@career-link.co.jp

$B3aED$G$9!#(B

#net-jp$B$G$NH?1~$,>/$J$+$C$?$N$G(B
#user-jp$B$K$b?6$j$^$9!#$h$m$7$/$*4j$$$7$^$9!#(B

$B5M$^$C$?$N$G$A$g$C$H65$($F$/$@$5$$!#(B
&$B$"$^$j(BFree-BSD$B%M%?$G$O$J$$$G$9!#$4$a$s$J$5$$!#(B

Vtun on FreeBSD4.2R$B$rMxMQ$7$F(BVPN$B$r9=C[Cf$J$N$G$9$,!"(B
VPN$B@\B38e!"Aj8_%M%C%H%o!<%/4V$r$&$^$/%k!<%F%#%s%0$G$-$^$;$s!#(B

$B<B8=$7$?$$$3$H$OAj8_$N%M%C%H%o!<%/(BGetewa$B#y$rDL$7$FFbIt%M%C%H%o!<%/(B
$B$+$iFbIt%M%C%H%o!<%/$X$NDL?.7PO)$N3NJ]$G$9!#(B

                            Vtun tunnel
            -----------------------------
      GW1|             The Internet               |GW2
  |xxx.yyy.zzz.aaa|                        |bbb.ccc.ddd.eee|
  |192.168.1.254  |                        |192.168.2.254   |
            |                                             |
|192.168.1.0/24$B%(%j%"(B|                |192.168.2.0/24$B%(%j%"(B|

192.168.1.*$B%(%j%"(B<->192.168.2.*$B%(%j%"$X$NDL?.7PO)3NJ](B

$B$G!"(Bvtun.conf$B$G$*$N$*$N$N%k!<%F%#%s%0%F!<%V%k$r:n@.$9$k$h$&$K(B
$B;XDj$7$F$"$k$N$G$9$,!"$3$l$,$&$^$/$$$-$^$;$s!#(Btunnel device$B$r(B
$B%$%s%?!<%U%'%$%9$K$7$F$N%k!<%F%#%s%0$,$G$-$J$$$N$G$9!#(B

GateWay$BF1;N$G$OLdBj$J$/DL?.$G$-$^$9!#(B
192.168.1.254<->192.168.2.254::OK

routed$B$O(BOS$B5/F0;~$K(B-q option$B$GN)$A>e$,$C$F$^$9!#(B

$B0J2<(BConfig file$B$*$h$S(Bnetstat -r$B$rE:IU$7$^$9!#(B
$B$I$J$?$+$*$o$+$j$NJ}$$$i$C$7$c$$$^$7$?$i$4;XF3$r$*4j$$$7$^$9!#(B

----Config File-----

/*Client vtun.conf*/

# Client-side general options: reconnect behaviour, the port, and the helper
# programs that the session's up/down commands invoke.
options {
        # NOTE(review): vtund.conf(5) lists persist among the per-session
        # options; confirm this build honours it inside options {}.
        persist         yes;    # Connection keepable
        # NOTE(review): on the connecting side this is presumably the server
        # port to reach (the server listing also uses 5000), not a listener,
        # despite the trailing comment.
        port            5000;   # Listen on this port.
        # Absolute paths of the programs run by "route" and "ifconfig"
        # commands in up/down blocks.
        route           /sbin/route;
        ifconfig        /sbin/ifconfig;
}

# Client session "VPN": the shared secret plus the commands run when the
# tunnel comes up and goes down.
# NOTE(review): the server listing in this post names its session VPN1. The
# name the client presents has to match a server session, so confirm which
# name is the real one.
VPN {
        # Shared secret, stored in clear text; it has to match the server's
        # entry. "password" looks like a placeholder: use a long random value
        # and keep this file readable by root only.
        # NOTE(review): as far as I know VTun derives its traffic key from
        # this string, so a guessable value weakens the whole tunnel - confirm
        # for the version in use.
        pass    password;     # Password

        up {
                # %% expands to the tunnel device name. This assigns
                # 192.168.2.254 as the local end and 192.168.1.254 as the
                # peer end of the point-to-point link.
                ifconfig "%% 192.168.2.254 192.168.1.254";
                # NOTE(review): the gateway given below, 192.168.2.254, is this
                # host's own address, not the peer end of the tunnel
                # (192.168.1.254). The client netstat output in this post shows
                # the 192.168.1 route on xl0 rather than tun0, so LAN-to-LAN
                # traffic would not enter the encrypted tunnel. Using the peer
                # address as gateway is the likely fix - verify.
                # As posted, the quoted argument also contains an
                # ISO-2022-JP-encoded full-width space ($B!!(B) and a mail line
                # wrap before the gateway; both look like posting artifacts.
                route "add -net 192.168.1.0 -netmask 255.255.255.0$B!!(B
192.168.2.254";
        };

        down {
                # Removes the address from the tunnel device and marks it down.
                # No explicit route delete is issued here; presumably the route
                # is expected to go away with the interface - confirm.
                ifconfig "%% delete down";
        };
}

/*Server vtun.conf*/

# Server-side general options: the tunnel port and the helper program paths.
options {
        # Port the server side uses for tunnel connections (proto is tcp in
        # the default section of this listing). If the peer gateway has a
        # fixed address, limit this port to that address in the host firewall.
        port            5000;
        # Absolute paths of the programs run by "ifconfig" and "route"
        # commands in up/down blocks.
        ifconfig        /sbin/ifconfig;
        route           /sbin/route;
}

# Default host options

# Defaults applied to the sessions defined on this server.
# NOTE(review): vtund.conf(5) describes compress and encrypt as set by the
# server and ignored by the client, which would explain why the client listing
# has no such section - confirm for the version in use.
default {
        type            tun;    # IP tunnel device (tun0 in the netstat output)
        proto           tcp;
        # zlib:9 enables compression at the highest level; the trailing
        # comment is a leftover and does not describe this setting.
        compress        zlib:9; # Compression is off by default
        # Turns on encryption of tunnel traffic, keyed from the session's pass.
        # NOTE(review): published reviews of VTun's cipher layer criticise it
        # for lacking integrity protection; for sensitive links consider IPsec
        # or a maintained VPN instead.
        encrypt         yes;
        speed           0;      # By default maximum speed, NO shaping
}

# Server session "VPN1": the shared secret plus the commands run when the
# tunnel comes up and goes down.
# NOTE(review): the client listing in this post names its session VPN; the
# two names have to agree, so confirm which one is real.
VPN1 {
        # Shared secret in clear text; it has to match the client's entry.
        # "password" looks like a placeholder: use a long random value and
        # keep this file readable by root only.
        pass    password;

        up {
                # NOTE(review): two likely problems with this route.
                # 1. It is listed before the ifconfig line, so if commands run
                #    in listed order the tunnel device has no addresses yet.
                # 2. The gateway, 192.168.1.254, is this host's own address,
                #    not the peer end (192.168.2.254). The server netstat
                #    output in this post shows the 192.168.2 route on fxp0
                #    rather than tun0, so traffic for the remote LAN would not
                #    enter the encrypted tunnel.
                # Putting ifconfig first and using the peer address as gateway
                # is the likely fix - verify.
                # The line break inside the quoted argument looks like a mail
                # wrap.
                route "add -net 192.168.2.0 -netmask 255.255.255.0
192.168.1.254";
                # %% expands to the tunnel device name. This assigns
                # 192.168.1.254 as the local end and 192.168.2.254 as the
                # peer end of the point-to-point link.
                ifconfig "%% 192.168.1.254 192.168.2.254";
        };

        down {
                # Removes the address from the tunnel device and marks it down.
                # No explicit route delete is issued here; presumably the route
                # is expected to go away with the interface - confirm.
                ifconfig "%% delete down";
        };
}

/*Client netstat -r */

Routing tables

Internet:
Destination        Gateway            Flags     Refs     Use     Netif    Expire
default            bbb.ccc.ddd.ee0     UGSc        7      769      vr0
bbb.ccc.ddd.eex/28  link#1             UC          0        0      vr0      =>
bbb.ccc.ddd.ee1     0:a0:de:6:88:a     UHLW        2        0      vr0   729
bbb.ccc.ddd.ee9     ff:ff:ff:ff:ff:ff  UHLWb       0        1      vr0
localhost          localhost          UH          1      105      lo0
192.168.1          192.168.2.254      UGSc        2      296      xl0
ns.int.corp.co.jp 192.168.2.254      UH          0      173     tun0
192.168.2          link#3             UC          0        0      xl0
=>
192.168.2.1        0:90:27:70:11:15   UHLW        1      229      xl0     546
192.168.2.12       0:90:99:10:6a:d    UHLW        0       30      xl0      54
192.168.2.15       0:40:26:61:dd:11   UHLW        0       39      xl0     521
192.168.2.16       0:90:99:10:3e:f0   UHLW        0       33      xl0     1088
192.168.2.17       8:0:1f:b:3:1b      UHLW        0       43      xl0       1041
192.168.2.18       0:40:26:61:dd:5a   UHLW        2      152      xl0    536
192.168.2.19       0:90:99:1f:5c:46   UHLW        0       36      xl0     974
192.168.2.21       0:90:99:d:3b:84    UHLW        0       85      xl0     1004
192.168.2.23       0:90:99:d:39:ad    UHLW        0       39      xl0     826
192.168.2.254      localhost          UH          1        0      lo0

/*Server netstat -r */
Routing tables

Internet:
Destination        Gateway            Flags     Refs     Use     Netif    Expire
default            xxx.yyy.zzz.aa1     UGSc        6     5729      xl0
xxx.yyy.zzz.aaa/29 link#2             UC          0        0      xl0         =>
xxx.yyy.zzz.aa2     0:1:30:77:26:0     UHLW        2        0      xl0      885
xxx.yyy.zzz.aa8     ff:ff:ff:ff:ff:ff  UHLWb       0        1      xl0
localhost          localhost          UH          1      252      lo0
192.168.1          link#1             UC          0        0     fxp0
=>
dhcp-10.int.corp. 0:90:99:43:11:e0   UHLW        0       80     fxp0     967
dhcp-12.int.corp. 0:90:99:43:17:83   UHLW        0       10     fxp0     642
dhcp-13.int.corp. 0:c0:4f:c0:50:8e   UHLW        0       20     fxp0      1052
develop.int.corp. 0:90:99:16:41:ec   UHLW        1      385     fxp0     133
net.int.corp.co.j 0:c0:4f:9a:7e:2d   UHLW        0       41     fxp0        43
ns.int.corp.co.jp localhost          UH          1        0      lo0
192.168.2          ns.int.corp.co.jp UGSc        0       59     fxp0
192.168.2.254      ns.int.corp.co.jp UH          0       92     tun0

---Config End----

$B$h$m$7$/$*4j$$$$$?$7$^$9!#(B

