ネットワーク機器トップ > 製品ラインナップ > FITELnet-Fシリーズ  > 設定例  > 
NetScreen100との接続
設定例

 
1-1.センタNetScreen100(専用線接続),拠点FITELnet-F40(フレッツADSL)   

NetScreen100の設定は参考です。
NetScreen100の設定内容に関しては弊社ではサポート致しかねます旨、ご承知ください。

センタ(IP固定,アドレス8),拠点(IP固定,アドレス8)

<プロバイダより割り振られたアドレス(アドレスは一例です)>
<IPsec設定項目>

<コマンド操作>
センタ
set interface trust ip 192.168.2.254 255.255.255.0
set interface untrust ip 210.158.xxx.18 255.255.255.248
set interface untrust gateway 210.158.xxx.17
set address untrust "furukawa@kyoten" 192.168.1.0 255.255.255.0
set address trust "center" 192.168.2.0 255.255.255.0
set ike p1-proposal "ike-policy" preshare group1 esp des md5 second 1000
set ike p2-proposal "ipsec-policy" no-pfs esp des md5 second 600
set ike gateway "kyoten-gw" ip 0.0.0.0 id "furukawa@kyoten" Aggr preshare "secret-vpn" proposal "ike-policy"
set vpn "kyoten-se" id 1 gateway "kyoten-gw" no-replay tunnel idletime 0 proposal "ipsec-policy"
set policy id 0 name "kyoten-po" outgoing "center" "furukawa@kyoten" "any" tunnel vpn "kyoten-se" id 2
set policy id 1 name "kyoten-po" incoming "furukawa@kyoten" "center" "any" tunnel vpn "kyoten-se" id 2

ns100-> save
Save System Configuration  ... Done
ns100-> reset
System reset, are you sure? y/[n] y
In reset ...
拠点
wan type=pppoe
pppoe add name=FLETS if=pppoe1 id=abc345@xxx.xxx.ne.jp password=zzzyyyxxx
interface lan addr=192.168.1.254,255.255.255.0
ipripstatic delete default
ipripstatic add dst=0.0.0.0,0.0.0.0 nextif=pppoe1
nat pppoe1 natp
vpn on
vpnikepolicy add id=1 method=prekey
vpnpolicy add id=1 encr=des auth=hmac-md5
vpnpeer add addr=210.158.xxx.18 myname=furukawa@kyoten idtype-pre=userfqdn key=a,secret-vpn nat=off ikepolicy=1
vpnselector add id=1 dst=192.168.2.0,255.255.255.0 src=192.168.1.0,255.255.255.0 type=ipsec peeraddr=210.158.xxx.18 policy=1
vpnselector add id=64 dst=all src=all type=bypass

exit
Configuration modified. save ok?(y/n):y
please reset#reset
Do you want to continue(y/n)?:y


 
1-2.センタNetScreen100(専用線接続),拠点MUCHO-EV(フレッツISDN接続)   

NetScreen100の設定は参考です。
NetScreen100の設定内容に関しては弊社ではサポート致しかねます旨、ご承知ください。

センタ(IP固定,アドレス8),拠点(IP固定,アドレス8)

<プロバイダより割り振られたアドレス(アドレスは一例です)>
<IPsec設定項目>

<コマンド操作>
センタ
set interface trust ip 192.168.2.254 255.255.255.0
set interface untrust ip 210.158.xxx.18 255.255.255.248
set interface untrust gateway 210.158.xxx.17
set address untrust "furukawa@kyoten" 192.168.1.0 255.255.255.0
set address trust "center" 192.168.2.0 255.255.255.0
set ike p1-proposal "ike-policy" preshare group1 esp des md5 second 1000
set ike p2-proposal "ipsec-policy" no-pfs esp des md5 second 600
set ike gateway "kyoten-gw" ip 0.0.0.0 id "furukawa@kyoten" Aggr preshare "secret-vpn" proposal "ike-policy"
set vpn "kyoten-se" id 1 gateway "kyoten-gw" no-replay tunnel idletime 0 proposal "ipsec-policy"
set policy id 0 name "kyoten-po" outgoing "center" "furukawa@kyoten" "any" tunnel vpn "kyoten-se" id 2
set policy id 1 name "kyoten-po" incoming "furukawa@kyoten" "center" "any" tunnel vpn "kyoten-se" id 2

ns100-> save
Save System Configuration  ... Done
ns100-> reset
System reset, are you sure? y/[n] y
In reset ...
拠点
wan isdn
hostname add default=1234abcd  password=himitsu
interface lan addr=192.168.1.254,255.255.255.0
interface isdn1 addr=0.0.0.0 remote=0.0.0.0
target add name=dialup-easysetting dial=1492 continuouslimiter=off host=default
isdn  -1 idletimer=0,0 limiter=off
ipripstatic delete all
ipripstatic add dst=0.0.0.0,0.0.0.0 nextif=isdn1
dhcpserver off
nat natp if=isdn1
snmp off
vpn on
vpnikepolicy add id=1 method=prekey
vpnpeer add addr=210.158.xxx.18 myname=furukawa@kyoten idtype=userfqdn key=a,secret-vpn nat=off 
vpnpolicy add id=1 
vpnselector add id=1 dst=192.168.2.0,255.255.255.0 src=192.168.1.0,255.255.255.0 type=ipsec peeraddr=210.158.xxx.18  policy=1
vpnselector add id=32 dst=all src=all type=bypass

exit
Configuration modified. save ok?(y/n):y
please reset#reset
Do you want to continue(y/n)?:y


ページトップへ

All Rights Reserved, Copyright(C) FURUKAWA ELECTRIC CO., LTD. 2002