summaryrefslogtreecommitdiffstats
path: root/extras/strongswan/configs/responder_nat/vpp.conf
diff options
context:
space:
mode:
Diffstat (limited to 'extras/strongswan/configs/responder_nat/vpp.conf')
-rw-r--r--extras/strongswan/configs/responder_nat/vpp.conf44
1 files changed, 44 insertions, 0 deletions
diff --git a/extras/strongswan/configs/responder_nat/vpp.conf b/extras/strongswan/configs/responder_nat/vpp.conf
new file mode 100644
index 00000000000..9ba3fdf2604
--- /dev/null
+++ b/extras/strongswan/configs/responder_nat/vpp.conf
@@ -0,0 +1,44 @@
+create host-interface name vpp
+create host-interface name priv
+pipe create
+
+set interface ip addr host-vpp 192.168.10.2/24
+set interface state host-vpp up
+
+ip table add 1
+set int ip table host-priv 1
+set int ip table pipe0.1 1
+
+set interface ip addr host-priv 192.168.3.1/24
+set interface state host-priv up
+
+set int ip address pipe0.0 10.0.0.1/24
+set int ip address pipe0.1 10.0.0.2/24
+set int state pipe0 up
+
+ikev2 profile add pr1
+ikev2 profile set pr1 auth shared-key-mic string Vpp123
+ikev2 profile set pr1 id local fqdn vpp.home
+ikev2 profile set pr1 id remote fqdn roadwarrior.vpn.example.com
+ikev2 profile set pr1 traffic-selector local ip-range 192.168.3.0 - 192.168.3.255 port-range 0 - 65535 protocol 0
+ikev2 profile set pr1 traffic-selector remote ip-range 192.168.5.0 - 192.168.5.255 port-range 0 - 65535 protocol 0
+
+ip route add table 1 192.168.10.0/24 via 10.0.0.1 pipe0.1
+
+create ipip tunnel src 10.0.0.2 dst 192.168.10.1 outer-table-id 1
+set interface ip table ipip0 1
+
+ikev2 profile set pr1 tunnel ipip0
+ip route add table 1 192.168.5.0/24 via ipip0
+set interface unnumbered ipip0 use pipe0.1
+
+nat44 enable sessions 10
+nat44 add address 192.168.10.2
+set interface nat44 in pipe0.0 out host-vpp
+nat44 add static mapping udp local 10.0.0.2 500 external 192.168.10.2 500
+nat44 add static mapping udp local 10.0.0.2 4500 external 192.168.10.2 4500
+
+event-logger clear
+trace add af-packet-input 100
+ikev2 set liveness 10 2
+ikev2 set logging level 4