ipsec of ros
1主服務內網地址、遠端內網地址;主服務公網地址,遠端公網地址;
2 設置共享pre shared key;設置加密3des、加密組、hash;主模式,遠端公網地址;
3 數據加密 md5 3des;
4 nat之前accecpt 源:服務內網地址 目的:遠端內網地址;
5 route 遠端內網地址------>服務端公網ip------>wan口
ipsec of juniper
主服務端設置
1gateway: remote gateway static ip address;
2preshare key : key interface phase 1 main;
3IKE: remote gateway predefine phase 2;
4police: source:erp server destination:remote private address port:erp tunnel predefine
L2TP
1 mode l2tp user password address to remote client;
2 l2tp tunnel outgoing interface;
3 police : source:dial-up *** destination:erp server port:erp