文档库

最新最全的文档下载
当前位置:文档库 > pfsense VPN 配置

pfsense VPN 配置

目录

IPSec (1)

IPSec ............................................................................................... 错误!未定义书签。IPSec

unlink_if_exists("{$g['vardb_path']}/ipsecpinghosts");

touch("{$g['vardb_path']}/ipsecpinghosts");

vpn_ipsec_configure_preferoldsa();

$syscfg = $config['system'];

$ipseccfg = $config['ipsec'];

$a_phase1 = $config['ipsec']['phase1'];

$a_phase2 = $config['ipsec']['phase2'];

$a_client = $config['ipsec']['client'];

if (!isset($ipseccfg['enable'])) {

mwexec("/sbin/ifconfig enc0 down");

/* send a SIGKILL to be sure */

sigkillbypid("{$g['varrun_path']}/racoon.pid", "KILL");

/* kill racoon */

if(is_process_running("racoon"))

mwexec("/usr/bin/killall racoon", true);

killbypid("{$g['varrun_path']}/filterdns-ipsec.pid");

/* wait for racoon process to die */

sleep(2);

/* flush SPD and SAD */

mwexec("/usr/local/sbin/setkey -F");

mwexec("/usr/local/sbin/setkey -FP");

/* disallow IPSEC, it is off */

exec("/sbin/sysctl net.inet.ip.ipsec_in_use=0");

return true;

} else {

mwexec("/sbin/ifconfig enc0 up");

mwexec("/sbin/sysctl net.inet.ip.ipsec_in_use=1");

pfsense VPN 配置

(共5页)