Patton electronic SmartNode 4110 Series ユーザーズマニュアル

Sample configurations

SmartWare Software Configuration Guide 

The following sample configurations establish IPsec connections between a SmartNode and a Cisco router. To 
interconnect two SmartNodes instead, derive the configuration for the second SmartNode by doing the follow-
ing modifications:

•

Swap ‘inbound’ and ‘outbound’ settings

•

Adjust the ‘peer’ setting

•

Swap the private networks in the ACL profiles

•

Adjust the IP addresses of the LAN and WAN interfaces

•

Adjust the route for the remote network

profile ipsec-transform DES
  esp-encryption des-cbc 64

profile ipsec-policy-manual VPN_DES
  use profile ipsec-transform DES
  session-key inbound esp-encryption 1234567890ABCDEF
  session-key outbound esp-encryption FEDCBA0987654321
  spi inbound esp 1111
  spi outbound esp 2222
  peer 200.200.200.1
  mode tunnel

profile acl VPN_Out
  permit ip 192.168.1.0 0.0.0.255 172.16.0.0 0.0.255.255 ipsec-policy VPN_DES
  permit ip any any

profile acl VPN_In
  permit esp any any
  permit ah any any
  permit ip 172.16.0.0 0.0.255.255 192.168.1.0 0.0.0.255
  deny ip any any

context ip router

interface LAN
  ipaddress 192.168.1.1 255.255.255.0

interface WAN
  ipaddress 200.200.200.2 255.255.255.252
  use profile acl VPN_In in
  use profile acl VPN_Out out

context ip router
  route 0.0.0.0 0.0.0.0 200.200.200.1 0
  route 172.16.0.0 255.255.0.0 WAN 0