{"id":1378,"date":"2008-05-31T23:59:58","date_gmt":"2008-05-31T14:59:58","guid":{"rendered":"http:\/\/www.inohome.net\/kuma\/?p=1378"},"modified":"2009-02-25T00:04:24","modified_gmt":"2009-02-24T15:04:24","slug":"rtx1000%e3%81%a7%e7%89%87%e5%81%b4ddns%e3%81%aapptp%e3%81%a8ipsec%e3%82%92%e5%90%8c%e6%99%82%e3%81%ab%e5%ae%9f%e7%8f%be","status":"publish","type":"post","link":"https:\/\/www.inohome.net\/kuma\/blog\/archives\/2008\/05\/post_1378.html","title":{"rendered":"RTX1000\u3067\u7247\u5074DDNS\u306aPPTP\u3068IPsec\u3092\u540c\u6642\u306b\u5b9f\u73fe"},"content":{"rendered":"

\u30bf\u30a4\u30c8\u3067<\/b>\u30ad\u30e5\u30fc\u30c8\u306a\u30d2\u30c3\u30d7\u304c\u30b7\u30e5\u30fc\u30eb\u306a\u30b8\u30e7\u30fc\u30af\u3068\u30e0\u30fc\u30c9\u3067<\/b>\u30c6\u30ec\u30d5\u30a9\u30f3\u30ca\u30f3\u30d0\u30fc<\/em><\/p>\n

\u307f\u305f\u3044\u306a\u30bf\u30a4\u30c8\u30eb\u3067\u3059\u304c\u3002
\n\u3053\u3046\u3044\u3046\u4e8b\u4f8b\u3055\u304c\u3057\u3066\u3082\u5168\u7136\u7121\u3044\u306e\u3067\u66f8\u3044\u3066\u307f\u307e\u3059\u3002<\/p>\n

\u672c\u5e97\u306f\u56fa\u5b9aIP\u3092\u53d6\u308b\u91d1\u3082\u306a\u3044\u96f6\u7d30\u4f01\u696d(\u3067\u3082RTX1000<\/b>)\u306a\u306e\u3067\u30cd\u30c3\u30c8\u30dc\u30e9\u30f3\u30c1DNS<\/a>\u3002
\n\u55b6\u696d\u30de\u30f3\u4e00\u4eba\u304cGeek\u3067<\/b>PPTP\u63a5\u7d9a\u3057\u305f\u304c\u308b\u3002
\n\u7121\u7406\u3057\u3066\u652f\u5e97\u3092\u3064\u304f\u3063\u305f\u306e\u3067IPsec\u3067<\/b>\u7e4b\u304e\u305f\u3044\u71b1\u304d\u601d\u3044\u304c\u6e67\u3044\u305f\u3002<\/p>\n

\u307e\u305a\u306f\u672c\u652f\u5e97\u63a5\u7d9a\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u6982\u5ff5\u56f3\u3002<\/p>\n

\"\"<\/a>
\n<\/a><\/p>\n

\u672c\u5e97\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306eRTX1000<\/b>\u306bPPTPserver\u3068IPsec\u53d7\u3051\u5165\u308c\u3092\u7528\u610f\u3057\u3066\u304a\u304f
\n\u30cd\u30c3\u30c8\u30dc\u30e9\u30f3\u30c1DNS\u30b5\u30fc\u30d3\u30b9\u3067<\/b>DDNS\u30a2\u30c9\u30ec\u30b9\u3092\u53d6\u5f97\u3057\u3066\u304a\u304f\u3068\u4fbf\u5229\u3002<\/p>\n

\u307e\u305a\u306f\u672c\u5e97\u306eConfig\u3092<\/p>\n

ip route default gateway pp 1
\nip route 192.168.20.0\/24 gateway tunnel 2<\/p>\n

ip lan1 address 192.168.200.1\/24
\nip lan1 proxyarp on
\npp select 1
\npp keepalive use lcp-echo
\npp always-on on
\npppoe use lan2
\npppoe auto connect on
\npppoe auto disconnect off
\npp auth accept pap chap<\/p>\n

pp auth myname\u3000*****
\nppp lcp mru on 1454
\nppp ipcp ipaddress on
\nppp ipcp msext on
\nppp ccp type none
\nppp ipv6cp use off
\nip pp mtu 1280
\nip pp nat descriptor 1
\nnetvolante-dns use pp auto<\/p>\n

netvolante-dns hostname host pp ***.***.netvolante.jp
\npp enable 1
\npp select anonymous
\npp bind tunnel1
\npp auth request mschap
\npp auth username PPTP\u30e6\u30fc\u30b6\u30fcID \u30d1\u30b9\u30ef\u30fc\u30c9<\/strong>
\nppp ccp type mppe-any
\nip pp remote address pool 192.168.200.150-192.168.200.200<\/p>\n

pptp service type server
\npp enable anonymous
\ntunnel select 1
\ntunnel encapsulation pptp
\npptp tunnel disconnect time 1200
\npptp keepalive use off
\ntunnel enable 1
\ntunnel select 2
\nipsec tunnel 101<\/p>\n

ipsec sa policy 101 1 esp 3des-cbc sha-hmac
\nipsec ike keepalive use 1 on
\nipsec ike local address 1 192.168.200.1
\nipsec ike pre-shared-key 1 text \u4e8b\u524d\u5171\u6709\u9375<\/strong>
\nipsec ike remote address 1 any
\nipsec ike remote name 1 \u308d\u30fc\u304b\u308b\u306d\u30fc\u3080<\/strong>
\nip tunnel tcp mss limit auto
\ntunnel enable 2<\/p>\n

nat descriptor type 1 masquerade
\nnat descriptor masquerade static 1 1 192.168.200.50 tcp www
\nnat descriptor masquerade static 1 2 192.168.200.50 tcp ftpdata-21
\nnat descriptor masquerade static 1 3 192.168.200.50 tcp 5900
\nnat descriptor masquerade static 1 4 192.168.200.50 tcp 22
\nnat descriptor masquerade static 1 5 192.168.200.50 tcp https
\nnat descriptor masquerade static 1 6 192.168.200.50 tcp 10000
\nnat descriptor masquerade static 1 7 192.168.200.1 esp
\nnat descriptor masquerade static 1 8 192.168.200.1 udp 500<\/p>\n

nat descriptor masquerade static 1 20 192.168.200.1 tcp 1723
\nnat descriptor masquerade static 1 23 192.168.200.1 gre
\nsyslog notice on
\nsyslog debug on
\ntftp host 192.168.200.50
\ndhcp service server
\ndhcp server rfc2131 compliant except remain-silent
\ndhcp scope 1 192.168.200.100-192.168.200.149\/24
\ndns server pp 1<\/p>\n

pptp service on
\nupnp use on
\nupnp external address refer pp 1<\/p>\n

masquerade\u306f20,23\u4ee5\u5916\u3001\u8da3\u5473\u8da3\u5411\u306e\u73fe\u308c\u308b\u3068\u3053\u308d\u306a\u306e\u3067\u7121\u8996\u3057\u3066\u6b32\u3057\u3044\uff57
\nipsec ike local address\u304c\u30ed\u30fc\u30ab\u30eb\u3092\u898b\u3066\u3044\u308b\u4ef6\u306b\u3064\u3044\u3066\u306f\u3053\u3053\u3092\u53c2\u7167<\/a>\u3057\u3066\u6b32\u3057\u3044\u3002<\/p>\n

\u7d9a\u3044\u3066\u652f\u5e97\u5074\u3002<\/p>\n

ip route default gateway 192.168.11.1
\nip route 192.168.200.0\/24 gateway tunnel 1<\/p>\n

ip lan1 address 192.168.20.1\/24
\nip lan2 address 192.168.11.250\/24
\nip lan2 nat descriptor 1
\ntunnel select 1
\nipsec tunnel 101
\nipsec sa policy 101 1 esp 3des-cbc sha-hmac
\nipsec ike keepalive log 1 off
\nipsec ike keepalive use 1 on
\nipsec ike local address 1 192.168.20.1<\/p>\n

ipsec ike local name 1 \u308d\u30fc\u304b\u308b\u306d\u30fc\u3080<\/strong> key-id
\nipsec ike pre-shared-key 1 text \u4e8b\u524d\u5171\u6709\u9375<\/strong>
\nipsec ike remote address 1 ***.***.netvolante.jp
\nip tunnel tcp mss limit auto
\ntunnel enable 1
\nnat descriptor type 1 masquerade
\nnat descriptor address outer 1 primary<\/p>\n

nat descriptor address inner 1 auto
\nnat descriptor masquerade incoming 1 reject
\nnat descriptor masquerade static 1 1 192.168.20.1 esp
\nnat descriptor masquerade static 1 2 192.168.20.1 udp 500
\nipsec auto refresh on
\nsyslog notice on
\ntftp host 192.168.20.2
\ndhcp service server
\ndhcp server rfc2131 compliant except remain-silent<\/p>\n

dhcp scope 1 192.168.20.100-192.168.20.149\/24
\ndns server 192.168.11.1
\ndns private address spoof on<\/p>\n

\u30ed\u30fc\u30ab\u30eb\u30cd\u30fc\u30e0\u3068\u4e8b\u524d\u5171\u6709\u9375\u306f\u540c\u3058\u306b\u3057\u3088\u3046\u3002<\/p>\n

\u3042\u3068\u306f\u3053\u308c\u3067<\/b>\u793e\u5185\u30a2\u30ec\u30b2Web\u9bd6\u306b\u306f
\n\u672c\u5e97G4\u30b5\u30fc\u30d0\u30fc\u3067<\/b>\u7acb\u3061\u4e0a\u3052\u305fBIND\u304c\u3054\u6848\u5185\u3002
\n\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306eDNS\u53c2\u7167\u306b192.168.200.50\u3092\u8ffd\u52a0\u3057\u3066\u304a\u3053\u3046\u3002<\/p>\n

\"\"<\/a>
\nPPTP\u63a5\u7d9a\u3057\u305fMacBook\u304b\u3089telnet\u3067<\/b>\u672c\u5e97\u306eRTX1000<\/b>\u3092\u898b\u3066\u305d\u306e\u307e\u307e\u652f\u5e97\u306eRTX1000<\/b>\u3082\u898b\u3061\u3083\u3063\u3066\u3044\u308b\u7d75\u3002
\n\u5909\u614b\u3067\u3059\u306d\u301c\u7b11<\/p>\n

\u3067\u3082\u6700\u521d\u91cd\u304b\u3063\u305f\u3002<\/p>\n

ipsec sa policy 101 1 esp aes-cbc sha-hmac<\/p>\n

\u3053\u308c\u304c\u91cd\u3044\u3053\u3068\u3002\u5168\u7136\u30d0\u30a4\u30ca\u30ea\u30fc\u8ee2\u9001\u3067\u304d\u306a\u3044\u3002<\/p>\n

\u30c6\u30ad\u30b9\u30c8\u306f\u5927\u4e08\u592b\u3002<\/p>\n

ipsec sa policy 101 1 esp 3des-cbc sha-hmac<\/p>\n

\u306b\u3059\u308b\u3068\u7d76\u597d\u8abf\u3002
\nVPN\u5148\u306eBIND\u3067<\/b>\u304a\u3063\u305f\u3066\u305fDNS\u30b5\u30fc\u30d0\u30fc\u3082\u30d0\u30c3\u30c1\u30ea\u53c2\u7167\u3002
\n\u30ad\u30bf\u30fc\u3002 <\/p>\n","protected":false},"excerpt":{"rendered":"

\u30bf\u30a4\u30c8\u3067\u30ad\u30e5\u30fc\u30c8\u306a\u30d2\u30c3\u30d7\u304c\u30b7\u30e5\u30fc\u30eb\u306a\u30b8\u30e7\u30fc\u30af\u3068\u30e0\u30fc\u30c9\u3067\u30c6\u30ec\u30d5\u30a9\u30f3\u30ca\u30f3\u30d0\u30fc \u307f\u305f\u3044\u306a\u30bf\u30a4\u30c8\u30eb\u3067\u3059\u304c\u3002 \u3053\u3046\u3044\u3046\u4e8b\u4f8b\u3055\u304c\u3057\u3066\u3082\u5168\u7136\u7121\u3044\u306e\u3067\u66f8\u3044\u3066\u307f\u307e\u3059\u3002 \u672c\u5e97\u306f\u56fa\u5b9aIP\u3092\u53d6\u308b\u91d1\u3082\u306a\u3044\u96f6\u7d30\u4f01\u696d(\u3067\u3082RTX1000)\u306a\u306e\u3067\u30cd\u30c3\u30c8 … “RTX1000\u3067\u7247\u5074DDNS\u306aPPTP\u3068IPsec\u3092\u540c\u6642\u306b\u5b9f\u73fe” \u306e<\/span>\u7d9a\u304d\u3092\u8aad\u3080<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-1378","post","type-post","status-publish","format-standard","hentry","category-4"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.inohome.net\/kuma\/wp-json\/wp\/v2\/posts\/1378","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.inohome.net\/kuma\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.inohome.net\/kuma\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.inohome.net\/kuma\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.inohome.net\/kuma\/wp-json\/wp\/v2\/comments?post=1378"}],"version-history":[{"count":0,"href":"https:\/\/www.inohome.net\/kuma\/wp-json\/wp\/v2\/posts\/1378\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.inohome.net\/kuma\/wp-json\/wp\/v2\/media?parent=1378"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.inohome.net\/kuma\/wp-json\/wp\/v2\/categories?post=1378"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.inohome.net\/kuma\/wp-json\/wp\/v2\/tags?post=1378"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}