カテゴリ一覧
最近の更新
メニュー

2016/02/23 EdgeMAX シリーズのファームウェア v1.8.0 がリリースされました。
詳細はこちら をご覧下さい。

コマンド > configure > vpn

提供: EdgeOS 日本語Wiki [非公式]
移動: 案内検索

このページの概要

当ページでは、Configure モード 設定編集系 コマンドで vpn を利用する方法をご紹介します。


解説


vpn のパラメーター

index

  • vpn ipsec
    VPN IP security (IPsec) parameters
  • vpn l2tp
    Layer 2 Tunneling Protocol (L2TP) Virtual Private Network (VPN)
  • vpn pptp
    Point to Point Tunneling Protocol (PPTP) Virtual Private Network (VPN)
  • vpn rsa-keys
    RSA keys


vpn ipsec

vpn l2tp

  • set vpn l2tp remote-access
    Layer 2 Tunneling Protocol (L2TP) Virtual Private Network (VPN)
    • set vpn l2tp remote-access authentication
      Authentication for remote access L2TP VPN
      • set vpn l2tp remote-access authentication local-users username {ユーザー名}
        Local user authentication for remote access L2TP VPN
        • set vpn l2tp remote-access authentication local-users username {ユーザー名} disable
          Option to disable L2TP remote-access user
        • set vpn l2tp remote-access authentication local-users username {ユーザー名} password {パスワード}
          Password for authentication
        • set vpn l2tp remote-access authentication local-users username {ユーザー名} static-ip {x.x.x.x}
          Static IP address
      • set vpn l2tp remote-access authentication mode
        Authentication mode for remote access L2TP VPN
        • set vpn l2tp remote-access authentication mode local
          Use username/password in the configuration
        • set vpn l2tp remote-access authentication mode radius
          Use Radius server
      • set vpn l2tp remote-access authentication radius-server {x.x.x.x}
        IP address of radius server
    • set vpn l2tp remote-access client-ip-pool
      Pool of IP address to be assigned to remote clients
      • set vpn l2tp remote-access client-ip-pool start {x.x.x.x}
        First IP address in the pool
      • set vpn l2tp remote-access client-ip-pool stop {x.x.x.x}
        Last IP address in the pool
    • set vpn l2tp remote-access description {任意テキスト}
      Description for L2TP remote-access settings
    • set vpn l2tp remote-access dhcp-interface {interface}
      DHCP interface to listen on
    • set vpn l2tp remote-access dns-servers
      Domain Name Service (DNS) server
      • set vpn l2tp remote-access dns-servers server-1 {x.x.x.x}
        Primary DNS server
      • set vpn l2tp remote-access dns-servers server-2 {x.x.x.x}
        Secondary DNS server
    • set vpn l2tp remote-access ipsec-settings
      Internet Protocol Security (IPsec) for remote access L2TP VPN
      • set vpn l2tp remote-access ipsec-settings authentication
        IPsec authentication settings
        • set vpn l2tp remote-access ipsec-settings authentication mode
          Authentication mode for IPsec
          • set vpn l2tp remote-access ipsec-settings authentication mode pre-shared-secret
            Use pre-shared secret for IPsec authentication
          • set vpn l2tp remote-access ipsec-settings authentication mode x509
            Use X.509 certificate for IPsec authentication
        • set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret {IPSec Peer 認証 事前共有秘密鍵}
          Pre-shared secret for IPsec
        • set vpn l2tp remote-access ipsec-settings authentication x509
          X.509 certificate
          • set vpn l2tp remote-access ipsec-settings authentication x509 ca-cert-file {path}
            File containing the X.509 certificate for the Certificate Authority (CA)
          • set vpn l2tp remote-access ipsec-settings authentication x509 cert-file {path}
            File containing the X.509 certificate for this host
          • set vpn l2tp remote-access ipsec-settings authentication x509 crl-file {path}
            File containing the X.509 Certificate Revocation List (CRL)
          • set vpn l2tp remote-access ipsec-settings authentication x509 server-cert-file {path}
            File containing the X.509 certificate for the remote access VPN server (this host)
          • set vpn l2tp remote-access ipsec-settings authentication x509 server-key-file {path}
            File containing the private key for the X.509 certificate for the remote access VPN server (this host)
          • set vpn l2tp remote-access ipsec-settings authentication x509 server-key-password {パスワード}
            Password that protects the private key
      • set vpn l2tp remote-access ipsec-settings ike-lifetime {30-86400}
        IKE lifetime in seconds (default : 3600)
    • set vpn l2tp remote-access local-ip {x.x.x.x}
      Optional IP address to use on the local side of the tunnel
    • set vpn l2tp remote-access mtu {128-16384}
      Maximum Transmission Unit (MTU)
    • set vpn l2tp remote-access outside-address {x.x.x.x}
      Outside IP address to which VPN clients will connect
    • set vpn l2tp remote-access outside-nexthop {x.x.x.x}
      Nexthop IP address for reaching the VPN clients
    • set vpn l2tp remote-access wins-servers
      Windows Inernet Name Service (WINS) server settings
      • set vpn l2tp remote-access wins-servers server-1 {x.x.x.x}
        Primary WINS server
      • set vpn l2tp remote-access wins-servers server-2 {x.x.x.x}
        Secondary WINS server

vpn pptp

  • set vpn pptp remote-access
    Point to Point Tunneling Protocol (PPTP) Virtual Private Network (VPN)
    • set vpn pptp remote-access authentication
      Authentication for remote access PPTP VPN
      • set vpn pptp remote-access authentication local-users username {ユーザー名}
        Local user authentication for remote access PPTP VPN
        • set vpn pptp remote-access authentication local-users username {ユーザー名} disable
          Option to disable a PPTP remote-access user
        • set vpn pptp remote-access authentication local-users username {ユーザー名} password {パスワード}
          Password for authentication
        • set vpn pptp remote-access authentication local-users username {ユーザー名} static-ip {x.x.x.x}
          Static IP address
      • set vpn pptp remote-access authentication mode
        Authentication mode for remote access PPTP VPN
        • set vpn pptp remote-access authentication mode local
          Use username/password in the configuration
        • set vpn pptp remote-access authentication mode radius
          Use Radius server
      • set vpn pptp remote-access authentication radius-server {x.x.x.x}
        IP address of radius server
    • set vpn pptp remote-access client-ip-pool
      Pool of client IP address (must be within a /24)
      • set vpn pptp remote-access client-ip-pool start {x.x.x.x}
        First IP address in the pool
      • set vpn pptp remote-access client-ip-pool stop {x.x.x.x}
        Last IP address in the pool
    • set vpn pptp remote-access dhcp-interface {interface}
      DHCP interface to listen on
    • set vpn pptp remote-access dns-servers
      Domain Name Service (DNS) server
      • set vpn pptp remote-access dns-servers server-1 {x.x.x.x}
        Primary DNS server
      • set vpn pptp remote-access dns-servers server-2 {x.x.x.x}
        Secondary DNS server
    • set vpn pptp remote-access local-ip {x.x.x.x}
      Optional IP address to use one the local side of the tunnel
    • set vpn pptp remote-access mtu {128-16384}
      Maximum Transmission Unit (MTU) (default : 1492)
    • set vpn pptp remote-access outside-address {x.x.x.x}
      Outside IP address to which VPN clients will connect
    • set vpn pptp remote-access wins-servers
      Windows Internet Name Service (WINS) server settings
      • set vpn pptp remote-access wins-servers server-1 {x.x.x.x}
        Primary WINS server
      • set vpn pptp remote-access wins-servers server-2 {x.x.x.x}
        Secondary WINS server

vpn rsa-keys

  • set vpn rsa-keys
    RSA keys
    • set vpn rsa-keys local-key file {path}
      Local RSA key
    • set vpn rsa-keys rsa-key-name {VPN RSA キー名}
      Name of remote RSA key
      • set vpn rsa-keys rsa-key-name rsa-key
        Remote RSA key


関連項目



凡例

「★」は、不明であることを表しています。

注意事項

動作の確認は、EdgeRouter X : ER-X にて行っています。 他のモデルでは、一部動作が異なる可能性があります。

ご意見を共有しましょう