Allied Telesis AT-WR4500 Manual de usuario descargar pdf (Pagina 196)

196 AT-WR4500 Series - IEEE 802.11a/jointfilesconvert/98409/bgh Outdoor Wireless Routers

RouterOS v3 Configuration and User Guide

for Router1

[admin@Router1] > ip ipsec manual-sa add name=ah-sa1 \

\... ah-spi=0x101/0x100 ah-key=abcfed

[admin@Router1] > ip ipsec policy add src-address=10.1.0.0/24 \

\... dst-address=10.2.0.0/24 action=encrypt ipsec-protocols=ah \

\... tunnel=yes sa-src=1.0.0.1 sa-dst=1.0.0.2 manual-sa=ah-sa1

for Router2

[admin@Router2] > ip ipsec manual-sa add name=ah-sa1 \

\... ah-spi=0x100/0x101 ah-key=abcfed

[admin@Router2] > ip ipsec policy add src-address=10.2.0.0/24 \

\... dst-address=10.1.0.0/24 action=encrypt ipsec-protocols=ah \

\... tunnel=yes sa-src=1.0.0.2 sa-dst=1.0.0.1 manual-sa=ah-sa1

IPsec Between two Masquerading RouterOS Routers

[

Router2

]

1.0.0.2

[

Router1

]

1.0.0.1

IP Network

10.1.0.0/24

10.2.0.0/24

1.0.0.0/24

Figure 31: Add accept and masquerading rules in SRC-NAT

for Router1

[admin@Router1] > ip firewall nat add chain=srcnat src-address=10.1.0.0/24 \

\... dst-address=10.2.0.0/24

[admin@Router1] > ip firewall nat add chain=srcnat out-interface=public \

\... action=masquerade

for Router2

[admin@Router2] > ip firewall nat chain=srcnat add src-address=10.2.0.0/24 \

\... dst-address=10.1.0.0/24

[admin@Router2] > ip firewall nat chain=srcnat add out-interface=public \

\... action=masquerade

1 2 ... 191 192 193 194 195 196 197 198 199 200 201 ... 263 264

Sin comentarios

Allied Telesis AT-WR4500 Manual de usuario Pagina 196