0858不明なデバイスさん
2020/03/08(日) 16:38:35.37ID:G+DZLq+7仕事でOpenVPNクライアントを構築することになり、1194/UDP通せば行けるだろうとやってみるものの、ポート開放がうまくできません(https://yonelabo.com/portcheckにて確認)。
ip route default gateway tunnel 1 gateway pp 1 filter 600005 600000 101004 101000 101001 101002 101003
ip route 192.168.1.0/24 gateway tunnel 2(IPsec相手側,localは192.168.0.0/24)
pp select 1
ip pp nat descriptor 2000
ip pp secure filter in 100000 100001 100002 100003 100020 100021 100022 100023 100024 100025 100030 100031 100032 100033 100034 100035 100036 100037 100040 100041 100042 100043 101000 101001 101002 201003 dynamic 200 201 202 203 204 205 206
ip pp secure filter out 100010 100011 100012 100013 100020 100021 100022 100023 100024 100025 100026 100027 100038 100039 110000 dynamic 200 201 202 203 204 205 206
ip filter 100043 pass * 192.168.0.3 udp * 1194
ip filter 600000 pass 192.168.0.100 *
ip filter 600005 pass 192.168.0.3 *
ip filter 101000 pass * * udp * 4500
ip filter 101001 pass * * udp * 500
ip filter 101002 pass * * esp * *
ip filter 101003 pass * * tcp * 2002
ip filter 101004 pass * * udp * domain
tunnel select 1
tunnel encapsulation map-e
ip tunnel secure filter in 200030 200039
ip tunnel secure filter out 200099 dynamic 200080 200082 200083 200084 200098 200099
ip tunnel nat descriptor 1000
tunnel enable 1
tunnel select 2
ネットボランチDNS IPsec
nat descriptor type 1000 masquerade
nat descriptor address outer 1000 map-e
nat descriptor type 2000 masquerade
nat descriptor address outer 2000 ipcp
nat descriptor address inner 2000 192.168.0.1-192.168.0.254
nat descriptor masquerade static 2000 8 192.168.0.3 udp 1194
おかしい点有りましたらご指摘頂けると助かります。
