simplysoft-net / opennhrp Goto Github PK
View Code? Open in Web Editor NEWThis project forked from ibazzi/opennhrp
opennhrp for cross compile
License: MIT License
This project forked from ibazzi/opennhrp
opennhrp for cross compile
License: MIT License
OpenNHRP Release Notes ====================== OpenNHRP is an NHRP implementation for Linux. It has most of the RFC2332 and Cisco IOS extensions. Project homepage: http://sourceforge.net/projects/opennhrp Git repository: git://opennhrp.git.sourceforge.net/gitroot/opennhrp LICENSE OpenNHRP is licensed under the MIT License. See MIT-LICENSE.txt for additional details. OpenNHRP embeds libev. libev is dual licensed with 2-clause BSD and GPLv2+ licenses. See libev/LICENSE for additional details. OpenNHRP links to c-ares. c-ares is licensed under the MIT License. SYSTEM REQUIREMENTS To compile OpenNHRP you need: - GNU make (3.81 or later works) - GCC - pkg-config - c-ares library (Ubuntu package: libc-ares-dev) See also README.kernel for notes on specific kernel versions, and required configuration options. COMPILING Just type 'make' and 'make install'. CONFIGURATION OpenNHRP currently supports only IPv4 over IPv4 using NBMA GRE tunnels. To create NBMA GRE tunnel you might use following: ip tunnel add gre1 mode gre key 1234 ttl 64 ip addr add 10.255.255.2/24 dev gre1 ip link set gre1 up This should work with the configuration example in opennhrp.conf(5). IPSEC ENCRYPTION OF GRE PACKETS ipsec-tools 0.8.0 or later is recommended. Earlier versions need patching for dmvpn to work properly. The ipsec-tools configuration I prefer to use is: encrypt all GRE traffic in transport mode. IPsec policy for that should be defined in /etc/ipsec.conf: spdflush; spdadd 0.0.0.0/0 0.0.0.0/0 gre -P out ipsec esp/transport//require; spdadd 0.0.0.0/0 0.0.0.0/0 gre -P in ipsec esp/transport//require; And ipsec-tools configuration with pre-shared key could look something like this: /etc/racoon/racoon.conf: path pre_shared_key "/etc/racoon/psk.txt"; remote anonymous { exchange_mode aggressive; lifetime time 24 hour; my_identifier user_fqdn "[email protected]"; nat_traversal on; # For ipsec-tools snapshot 2010-10-10 or later script "/etc/opennhrp/racoon-ph1dead.sh" phase1_dead; # For earlier ipsec-tools # script "/etc/opennhrp/racoon-ph1down.sh" phase1_down; proposal { encryption_algorithm 3des; hash_algorithm sha1; authentication_method pre_shared_key; dh_group 2; } } sainfo anonymous { pfs_group 2; lifetime time 12 hour; encryption_algorithm 3des, blowfish 448, rijndael; authentication_algorithm hmac_sha1, hmac_md5; compression_algorithm deflate; } And /etc/racoon/psk.txt: [email protected] "my-secret-pre-shared-key" It is of course more secure to use certificates for authentication. And using aggressive main mode is not recommended either, but it is required to make FQDN pre-shared authentication work. This setup is fast to do and can get you started with testing OpenNHRP. DOCUMENTATION Most of the OpenNHRP documentation is in the manpages. Read them. Also some general NHRP documents can be found from Cisco website (www.cisco.com). BUGS Use the SourceForge bug tracker or mailing list.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.