Posted on 2015-6-7 08:18:06
I ran racoon -F
Foreground mode.
2015-06-07 00:12:35: ERROR: racoon: MLS support is not enabled.
2015-06-07 00:12:35: INFO: @(#)ipsec-tools 0.8.0 (http://ipsec-tools.sourceforge.net)
2015-06-07 00:12:35: INFO: @(#)This product linked OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008 (http://www.openssl.org/)
2015-06-07 00:12:35: INFO: Reading configuration from "/etc/racoon/racoon.conf"
2015-06-07 00:12:35: INFO: Resize address pool from 0 to 100
My iptables rules
iptables -I INPUT -p udp --dport 500 -j ACCEPT
iptables -I INPUT -p udp --dport 4500 -j ACCEPT
iptables -t nat -A POSTROUTING -s 192.168.100.100/24 -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 10.211.55.64/24 -o eth0 -j MASQUERADE
iptables -A FORWARD -s 192.168.100.100/24 -j ACCEPT
iptables -A FORWARD -s 10.211.55.64/24 -j ACCEPT
iptables -t nat -A POSTROUTING -s 192.168.100.100/24 -j SNAT --to-source $ip
iptables -t nat -A POSTROUTING -s 10.211.55.64/24 -j SNAT --to-source $ip
service iptables save
service iptables restart
chkconfig racoon on
service racoon restart
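My local configuration is shown in the picture in the post below, but I cannot connect to the server. I don't know where the problem is.
Cisco-compatible VPN (vpnc)
IPsec based VPN
Of these two modes, which one should I use to create the local client? Thanks, everyone.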