...
Code Block | ||
---|---|---|
| ||
# install strongswamstrongswan yum install strongswan # add ipsec config cat << EOF >> /etc/strongswan/ipsec.conf conn cmts-cm left=<cloud-ip> leftsubnet=172.20.0.0/22 leftid=<cloud-ip> leftfirewall=yes right=<cmts-ip> rightsubnet=10.0.0.0/19 rightid=<cmts-ip> auto=add ike=aes256-sha-modp1536 esp=aes256-sha1-modp1536 keyexchange=ikev1 authby=secret conn cmts-cpepriv also=cmts-cm rightsubnet=100.64.0.0/22 conn cmts-mta also=cmts-cm rightsubnet=100.96.0.0/22 EOF # add pre-shared key echo '<cloud-ip> <cmts-ip> : PSK "<secret>"' >> /etc/strongswan/ipsec.secrets # enable strongswan systemctl enable strongswan |
...