{"id":5191,"date":"2014-07-14T11:30:49","date_gmt":"2014-07-14T02:30:49","guid":{"rendered":"http:\/\/www.creationline.com\/?p=5191"},"modified":"2023-08-29T12:56:20","modified_gmt":"2023-08-29T03:56:20","slug":"%e3%82%bd%e3%83%95%e3%83%88%e3%82%a6%e3%82%a7%e3%82%a2%e3%83%ab%e3%83%bc%e3%82%bfvyatta%e3%81%a8vyos%e3%82%92%e7%94%a8%e3%81%84%e3%81%a6softlayer%e3%81%a8%e3%82%aa%e3%83%95%e3%82%a3%e3%82%b9%e3%82%92i","status":"publish","type":"post","link":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/softlayer\/5191","title":{"rendered":"\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30eb\u30fc\u30bfVyatta\u3068VyOS\u3092\u7528\u3044\u3066SoftLayer\u3068\u30aa\u30d5\u30a3\u30b9\u3092IPsec VPN\u63a5\u7d9a\u3059\u308b #softlayer"},"content":{"rendered":"<h2>VyOS \u3068\u306f<\/h2>\n<p><a href=\"http:\/\/vyos.net\/\">VyOS<\/a> \u3068\u306f\u3001\u30aa\u30fc\u30d7\u30f3\u30bd\u30fc\u30b9\u3067\u958b\u767a\u3055\u308c\u3066\u3044\u308b\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30eb\u30fc\u30bf\u3067\u3059\u3002Debian GNU\/Linux \u3092\u30d9\u30fc\u30b9\u3068\u3057\u3001\u30eb\u30fc\u30bf\u3068\u3057\u3066\u52d5\u4f5c\u3059\u308b\u305f\u3081\u306e\u3055\u307e\u3056\u307e\u306a\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u3084\u7ba1\u7406\u7528\u306e\u30b3\u30de\u30f3\u30c9\u304c\u642d\u8f09\u3055\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>VyOS \u306f <a href=\"http:\/\/www.vyatta.com\/\">Vyatta<\/a> \u304b\u3089\u6d3e\u751f\u3057\u305f\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30eb\u30fc\u30bf\u3067\u3059\u3002Vyatta \u306f\u5f53\u521d\u3001\u7c73 Vyatta \u793e\u306b\u3088\u3063\u3066\u30aa\u30fc\u30d7\u30f3\u30bd\u30fc\u30b9\u3067\u958b\u767a\u3055\u308c\u3001\u6709\u511f\u7248\u3068\u7121\u511f\u7248\u304c\u63d0\u4f9b\u3055\u308c\u3066\u3044\u307e\u3057\u305f\u3002Vyatta \u793e\u304c\u7c73 Brocade \u793e\u306b\u3088\u3063\u3066\u8cb7\u53ce\u3055\u308c\u305f\u5f8c\u3001\u7121\u511f\u7248\u306e\u958b\u767a\u306f\u4e2d\u6b62\u3055\u308c\u3001\u305d\u306e\u7121\u511f\u7248 Vyatta \u304b\u3089\u5206\u5c90\u3057\u305f VyOS \u306e\u958b\u767a\u304c\u59cb\u307e\u308a\u307e\u3057\u305f\u3002<\/p>\n<p>SoftLayer \u3067\u306f\u4eee\u60f3\u30b5\u30fc\u30d0\u306e OS \u306b\u7121\u511f\u7248\u306e Vyatta \u3092\u9078\u629e\u3057\u3001\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30eb\u30fc\u30bf\u3068\u3057\u3066\u6d3b\u7528\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002\u306a\u304a\u3001SoftLayer \u3067\u306f\u7121\u511f\u7248\u306e Vyatta \u4ee5\u5916\u306b\u3001Brocade \u793e\u306b\u3088\u308b\u6709\u511f\u7248\u306e Vyatta \u306e\u5229\u7528\u3082\u3067\u304d\u307e\u3059\u3002\u3053\u3061\u3089\u306f HA \u69cb\u6210\u306a\u3069\u304c\u53ef\u80fd\u306a\u30d9\u30a2\u30e1\u30bf\u30eb\u30b5\u30fc\u30d0\u3067\u3059\u304c\u3084\u3084\u9ad8\u4fa1\u3067\u3042\u308b\u305f\u3081\u3001IPsec VPN \u81ea\u4f53\u306e\u691c\u8a3c\u3092\u76ee\u7684\u3068\u3059\u308b\u672c\u9805\u3067\u53d6\u308a\u6271\u3044\u307e\u305b\u3093\u3002<\/p>\n<h2>IPsec VPN \u3068\u306f<\/h2>\n<p>SoftLayer \u304c\u63d0\u4f9b\u3057\u3066\u3044\u308b <a href=\"http:\/\/knowledgelayer.softlayer.com\/topic\/vpn\">VPN<\/a> \u306b\u306f\u3055\u307e\u3056\u307e\u306a\u30d7\u30ed\u30c8\u30b3\u30eb\u304c\u3042\u308a\u3001\u305d\u306e\u3046\u3061\u7121\u6599\u3067\u5229\u7528\u3067\u304d\u308b VPN \u3068\u3057\u3066 SSL-VPN \u3068 PPTP-VPN \u304c\u3042\u308a\u307e\u3059\u3002\u3069\u3061\u3089\u3082\u6697\u53f7\u5316 VPN \u30c8\u30f3\u30cd\u30eb\u3092\u4ecb\u3057\u3066 SoftLayer \u306e\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306b\u63a5\u7d9a\u3057\u3001\u30b5\u30fc\u30d0\u306e\u7ba1\u7406\u3092\u884c\u3046\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002<\/p>\n<p>\u3057\u304b\u3057\u3001SSL-VPN \u306f\u30d6\u30e9\u30a6\u30b6\u30d9\u30fc\u30b9\u3067\u3042\u308b\u305f\u3081\u30ea\u30e2\u30fc\u30c8\u30a2\u30af\u30bb\u30b9\u7528\u9014\u3068\u3044\u3046\u5074\u9762\u304c\u5f37\u304f\u3001PPTP-VPN \u3082\u5143\u3005\u306f\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u3068\u30b5\u30fc\u30d0\u306e\u63a5\u7d9a\u306b\u8003\u6848\u3055\u308c\u305f\u5f62\u614b\u306e\u305f\u3081\u3001\u62e0\u70b9\u9593\u63a5\u7d9a\u306b\u306f\u90fd\u5408\u304c\u60aa\u3044\u5834\u5408\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n<p>IPsec VPN \u306f\u30eb\u30fc\u30bf\u540c\u58eb\u3092 IPsec \u3067\u6697\u53f7\u5316\u63a5\u7d9a\u3059\u308b\u5f62\u614b\u3067\u3001\u62e0\u70b9\u9593\u63a5\u7d9a\u306b\u7279\u5316\u3057\u305f\u65b9\u5f0f\u3068\u8a00\u3048\u307e\u3059\u3002SoftLayer \u3067\u3082 <a href=\"http:\/\/knowledgelayer.softlayer.com\/topic\/ipsec-vpn\">IPsec VPN<\/a> \u3092\u63d0\u4f9b\u3057\u3066\u3044\u307e\u3059\u3002\u3057\u304b\u3057\u3001<a href=\"http:\/\/w3.insidepacket.net\/index.php\/16-softlayer-ipsec-4\">Question about SoftLayer Standard IPSec offering<\/a> \u306b\u3088\u308b\u3068\u3001\u3053\u306e SoftLayer \u6a19\u6e96\u306e IPsec \u306f\u3042\u304f\u307e\u3067\u3082\u30b5\u30fc\u30d0\u306e\u7ba1\u7406\u7528\u3067\u3001\u5b9f\u969b\u306e\u62e0\u70b9\u9593\u63a5\u7d9a\u306b\u306f\u5411\u304b\u306a\u3044\u3068\u306e\u8a18\u8f09\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n<blockquote><p>The customer uses Softlayer Standard IPSec (the one in customer portal) as the communication path of app integration. But they saw some issue with that.The technical guy on customer end did some troubleshooting and found source NAT is performed on Softlayer VPN gateway.<\/p><\/blockquote>\n<blockquote><p>SoftLayer Standard IPSec offering in customer portal is for admin\/management purpose only. It is not really for application integration, .e.g. customer VM to server on their corporate network.<\/p><\/blockquote>\n<p>\u305d\u3053\u3067\u3001\u5f53\u8a72\u30d6\u30ed\u30b0\u3067\u3082\u63a8\u5968\u3055\u308c\u3066\u3044\u308b\u901a\u308a\u3001\u672c\u9805\u3067\u306f\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30eb\u30fc\u30bf\u306e Vyatta \u304a\u3088\u3073 VyOS \u3092\u7528\u3044\u3066 SoftLayer \u3068\u30aa\u30d5\u30a3\u30b9\u3092 IPsec VPN \u3067\u63a5\u7d9a\u3057\u3066\u307f\u307e\u3059\u3002<\/p>\n<h2>\u524d\u63d0\u3068\u3059\u308b\u691c\u8a3c\u74b0\u5883<\/h2>\n<p>SoftLayer \u3068\u30aa\u30d5\u30a3\u30b9\u305d\u308c\u305e\u308c\u306e IPsec VPN \u30b2\u30fc\u30c8\u30a6\u30a7\u30a4\u306f\u3001\u7121\u511f\u7248 Vyatta \u304a\u3088\u3073 VyOS \u3092\u7528\u3044\u3066\u691c\u8a3c\u3092\u884c\u3044\u307e\u3059\u3002SoftLayer \u5074\u3092\u6709\u511f\u7248 Vyatta \u306b\u7f6e\u304d\u63db\u3048\u3001\u30aa\u30d5\u30a3\u30b9\u5074\u3092 VyOS \u3084 Vyatta \u3068\u901a\u4fe1\u53ef\u80fd\u306a\u30eb\u30fc\u30bf\u306b\u7f6e\u304d\u63db\u3048\u3066\u3082\u52d5\u4f5c\u3059\u308b\u3068\u601d\u308f\u308c\u307e\u3059\u3002<\/p>\n<p>\u30aa\u30d5\u30a3\u30b9\u306f\u30d6\u30ed\u30fc\u30c9\u30d0\u30f3\u30c9\u30eb\u30fc\u30bf\u3092\u4ecb\u3057\u3066\u4e0d\u5b9a\u306e IP \u30a2\u30c9\u30ec\u30b9\u3067\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u306b\u63a5\u7d9a\u3057\u3066\u304a\u308a\u3001KVM \u30db\u30b9\u30c8\u4e0a\u306e\u4eee\u60f3\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306b VyOS \u3092\u914d\u7f6e\u3057\u307e\u3059\u3002<\/p>\n<p><!-- IMG: softlayer-vyos-1.png \/\/--><br \/>\n<img decoding=\"async\" src=\"\/tech-blog\/cms_x3GWkuX\/wp-content\/uploads\/2014\/07\/softlayer-vyos-1.png\" alt=\"softlayer-vyos-1\" \/><\/p>\n<h3>\u30aa\u30d5\u30a3\u30b9\u5074<\/h3>\n<dl>\n<dt>\u30d6\u30ed\u30fc\u30c9\u30d0\u30f3\u30c9\u30eb\u30fc\u30bf<\/dt>\n<dd>\u30b0\u30ed\u30fc\u30d0\u30eb\u5074: xxx.xxx.xxx.xxx<br \/>\n\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u5074: 192.168.24.1<\/dd>\n<\/dl>\n<dl>\n<dt>\u30aa\u30d5\u30a3\u30b9\u5185 LAN<\/dt>\n<dd>\u30cd\u30c3\u30c8\u30ef\u30fc\u30af: 192.168.24.0\/24<br \/>\n\u30c7\u30d5\u30a9\u30eb\u30c8\u30b2\u30fc\u30c8\u30a6\u30a7\u30a4: 192.168.24.1 (\u30d6\u30ed\u30fc\u30c9\u30d0\u30f3\u30c9\u30eb\u30fc\u30bf)<\/dd>\n<\/dl>\n<dl>\n<dt>KVM \u30db\u30b9\u30c8<\/dt>\n<dd>\u30aa\u30d5\u30a3\u30b9\u5185 LAN \u5074: 192.168.24.201<br \/>\n\u4eee\u60f3\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u5074: 192.168.122.1<\/dd>\n<\/dl>\n<dl>\n<dt>\u4eee\u60f3\u30cd\u30c3\u30c8\u30ef\u30fc\u30af<\/dt>\n<dd>\u30cd\u30c3\u30c8\u30ef\u30fc\u30af: 192.168.122.0\/24<br \/>\n\u30c7\u30d5\u30a9\u30eb\u30c8\u30b2\u30fc\u30c8\u30a6\u30a7\u30a4: 192.168.122.1 (KVM \u30db\u30b9\u30c8)<\/dd>\n<\/dl>\n<dl>\n<dt>\u30af\u30e9\u30a4\u30a2\u30f3\u30c8PC (Ubuntu 12.04 LTS)<\/dt>\n<dt><\/dt>\n<dd>\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u5074: 192.168.100.101 (eth1 \u306e\u307f)<\/dd>\n<\/dl>\n<dl>\n<dt>VyOS (1.0.4)<\/dt>\n<dt><\/dt>\n<dd>\u4eee\u60f3\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u5074: 192.168.122.10<br \/>\n\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u5074: 192.168.100.10<\/dd>\n<\/dl>\n<h3>SoftLayer \u5074<\/h3>\n<dl>\n<dt>Vyatta (6.6 Community Edition)<\/dt>\n<dd>\u30b0\u30ed\u30fc\u30d0\u30eb\u5074: 119.XXX.XXX.243 (eth1)<br \/>\n\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u5074: 10.110.42.196 (eth0)<\/dd>\n<\/dl>\n<dl>\n<dt>\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af<\/dt>\n<dd>\u30cd\u30c3\u30c8\u30ef\u30fc\u30af: 10.110.42.192\/26<\/dd>\n<\/dl>\n<dl>\n<dt>\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af<\/dt>\n<dd>\u30cd\u30c3\u30c8\u30ef\u30fc\u30af: 10.110.42.192\/26<\/dd>\n<\/dl>\n<dl>\n<dt>\u30b5\u30fc\u30d0PC (CentOS 6 Minimal Install)<\/dt>\n<dt><\/dt>\n<dd>\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u5074: 10.110.43.197 (eth0 \u306e\u307f)<\/dd>\n<\/dl>\n<h2>\u30aa\u30d5\u30a3\u30b9\u5074 VyOS \u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3068\u8a2d\u5b9a<\/h2>\n<p>VyOS \u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u306f\u516c\u5f0f\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u306e <a href=\"http:\/\/vyos.net\/wiki\/User_Guide#Installation\">Installation<\/a> (<a href=\"http:\/\/wiki.vyos-users.jp\/%E3%83%A6%E3%83%BC%E3%82%B6%E3%83%BC%E3%82%AC%E3%82%A4%E3%83%89#.E3.82.A4.E3.83.B3.E3.82.B9.E3.83.88.E3.83.BC.E3.83.AB\">\u65e5\u672c\u8a9e<\/a>) \u3092\u53c2\u7167\u3057\u3066\u304f\u3060\u3055\u3044\u3002\u672c\u9805\u3067\u306f\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u306b\u3042\u308b\u3088\u3046\u306b\u307b\u307c\u30c7\u30d5\u30a9\u30eb\u30c8\u8a2d\u5b9a\u3067\u9032\u3081\u305f\u3053\u3068\u3092\u524d\u63d0\u3068\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u304c\u5b8c\u4e86\u3057\u305f\u3089\u3001\u516c\u5f0f\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u306e <a href=\"http:\/\/vyos.net\/wiki\/User_Guide#Quick_Start_Guide\">Quick Start Guide<\/a> (<a href=\"http:\/\/wiki.vyos-users.jp\/%E3%83%A6%E3%83%BC%E3%82%B6%E3%83%BC%E3%82%AC%E3%82%A4%E3%83%89#.E3.82.AF.E3.82.A4.E3.83.83.E3.82.AF.E3.82.B9.E3.82.BF.E3.83.BC.E3.83.88.E3.82.AC.E3.82.A4.E3.83.89\">\u65e5\u672c\u8a9e\u7248<\/a>) \u3092\u53c2\u7167\u3057\u3001\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306e\u8a2d\u5b9a\u3092\u884c\u3044\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyos@vyos$ configure<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<p><code><br \/>\nvyos@vyos# show interfaces<br \/>\nethernet eth0 {<br \/>\nhw-id xx:xx:xx:xx:xx:xx<br \/>\n}<br \/>\nethernet eth1 {<br \/>\nhw-id yy:yy:yy:yy:yy:yy<br \/>\n}<br \/>\nloopback lo {<br \/>\n}<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<p>IP\u30a2\u30c9\u30ec\u30b9\u3092\u8a2d\u5b9a\u3057\u307e\u3059\u3002\u5148\u306e\u524d\u63d0\u3068\u3059\u308b\u74b0\u5883\u304b\u3089 eth0 \u306f <strong>192.168.122.10<\/strong>\u3001eth1 \u306f <strong>192.168.100.10<\/strong> \u3068\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyos@vyos# set interfaces ethernet eth0 address '192.168.122.10\/24'<br \/>\n[edit]<br \/>\nvyos@vyos# set interfaces ethernet eth0 description 'OUTSIDE'<br \/>\n[edit]<br \/>\nvyos@vyos# set interfaces ethernet eth1 address '192.168.100.10\/24'<br \/>\n[edit]<br \/>\nvyos@vyos# set interfaces ethernet eth1 description 'INSIDE'<br \/>\n[edit]<br \/>\nvyos@vyos#<\/code><\/p>\n<p><code><code><\/code><\/code><\/p>\n<p>vyos@vyos# show interfaces<br \/>\nethernet eth0 {<br \/>\n+ address 192.168.122.10\/24<br \/>\n+ description OUTSIDE<br \/>\nhw-id xx:xx:xx:xx:xx:xx<br \/>\n}<br \/>\nethernet eth1 {<br \/>\n+ address 192.168.100.10\/24<br \/>\n+ description INSIDE<br \/>\nhw-id yy:yy:yy:yy:yy:yy<br \/>\n}<br \/>\nloopback lo {<br \/>\n}<br \/>\n[edit]<br \/>\nvyos@vyos#<\/p>\n<p><code><code><\/code><\/code><\/p>\n<p>vyos@vyos# commit<br \/>\n[edit]<br \/>\nvyos@vyos#<\/p>\n<p><code><br \/>\n<\/code><\/p>\n<p><code>vyos@vyos# show interfaces<br \/>\nethernet eth0 {<br \/>\naddress 192.168.122.10\/24<br \/>\ndescription OUTSIDE<br \/>\nhw-id xx:xx:xx:xx:xx:xx<br \/>\n}<br \/>\nethernet eth1 {<br \/>\naddress 192.168.100.10\/24<br \/>\ndescription INSIDE<br \/>\nhw-id yy:yy:yy:yy:yy:yy<br \/>\n}<br \/>\nloopback lo {<br \/>\n}<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<p>\u30c7\u30d5\u30a9\u30eb\u30c8\u30b2\u30fc\u30c8\u30a6\u30a7\u30a4\u3092\u8a2d\u5b9a\u3057\u307e\u3059\u3002\u5148\u306e\u524d\u63d0\u3068\u3059\u308b\u74b0\u5883\u304b\u3089 <strong>192.168.122.1<\/strong> \u3068\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyos@vyos# show system gateway-address<br \/>\nConfiguration under specified path is empty<br \/>\n[edit]<br \/>\nvyos@vyos#<\/code><\/p>\n<p><code><code><\/code><\/code><\/p>\n<p>vyos@vyos# set system gateway-address 192.168.122.1<br \/>\n[edit]<br \/>\nvyos@vyos#<\/p>\n<p><code><code><\/code><\/code><\/p>\n<p>vyos@vyos# show system gateway-address<br \/>\n+gateway-address 192.168.122.1<br \/>\n[edit]<br \/>\nvyos@vyos#<\/p>\n<p><code><code><\/code><\/code><\/p>\n<p>vyos@vyos# commit<br \/>\n[edit]<br \/>\nvyos@vyos#<\/p>\n<p><code><br \/>\n<\/code><\/p>\n<p><code>vyos@vyos# show system gateway-address<br \/>\ngateway-address 192.168.122.1<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<p>eth1 \u5074\u306b NAT \u3092\u8a2d\u5b9a\u3057\u307e\u3059\u3002\u30af\u30e9\u30a4\u30a2\u30f3\u30c8PC\u3092 VyOS \u306e eth1 \u5074\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u304b\u3089\u901a\u4fe1\u3055\u305b\u308b\u305f\u3081\u3067\u3059\u3002<\/p>\n<p><code><br \/>\nvyos@vyos# show nat<br \/>\nConfiguration under specified path is empty<br \/>\n[edit]<br \/>\nvyos@vyos# <\/code><\/p>\n<p><code><code><\/code><\/code><\/p>\n<p>vyos@vyos# set nat source rule 100 outbound-interface 'eth0'<br \/>\n[edit]<br \/>\nvyos@vyos# set nat source rule 100 source address '192.168.100.0\/24'<br \/>\n[edit]<br \/>\nvyos@vyos# set nat source rule 100 translation address 'masquerade'<br \/>\n[edit]<br \/>\nvyos@vyos#<\/p>\n<p><code><code><\/code><\/code><\/p>\n<p>vyos@vyos# show nat<br \/>\n+source {<br \/>\n+ rule 100 {<br \/>\n+ outbound-interface eth0<br \/>\n+ source {<br \/>\n+ address 192.168.100.0\/24<br \/>\n+ }<br \/>\n+ translation {<br \/>\n+ address masquerade<br \/>\n+ }<br \/>\n+ }<br \/>\n+}<br \/>\n[edit]<br \/>\nvyos@vyos#<\/p>\n<p><code><code><\/code><\/code><\/p>\n<p>vyos@vyos# commit<br \/>\n[edit]<br \/>\nvyos@vyos#<\/p>\n<p><code><br \/>\n<\/code><\/p>\n<p><code>vyos@vyos# show nat<br \/>\nsource {<br \/>\nrule 100 {<br \/>\noutbound-interface eth0<br \/>\nsource {<br \/>\naddress 192.168.100.0\/24<br \/>\n}<br \/>\ntranslation {<br \/>\naddress masquerade<br \/>\n}<br \/>\n}<br \/>\n}<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<p>\u30ea\u30e2\u30fc\u30c8\u304b\u3089\u64cd\u4f5c\u3067\u304d\u308b\u3088\u3046\u306b SSH \u30b5\u30fc\u30d0\u309222\/tcp\u3067\u8d77\u52d5\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyos@vyos# set service ssh port '22'<br \/>\n[edit]<br \/>\nvyos@vyos#<\/code><\/p>\n<p><code><code><\/code><\/code><\/p>\n<p>vyos@vyos# commit<br \/>\n[ service ssh ]<br \/>\nRestarting OpenBSD Secure Shell server: sshd.<\/p>\n<p><code><br \/>\n<\/code><\/p>\n<p><code>[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<p>\u8a2d\u5b9a\u3092\u4fdd\u5b58\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyos@vyos# save<br \/>\nSaving configuration to '\/config\/config.boot'...<br \/>\nDone<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<p>\u4ee5\u964d\u3053\u306e VyOS \u306b\u306f\u30ea\u30e2\u30fc\u30c8\u304b\u3089 SSH \u63a5\u7d9a\u3057\u3066\u4f5c\u696d\u3092\u884c\u3044\u307e\u3059\u3002<\/p>\n<p><code><br \/>\n% ssh vyos@192.168.122.10<br \/>\nWelcome to VyOS<br \/>\nvyos@192.168.122.10's password:<br \/>\nLinux vyatta 3.3.8-1-amd64-vyatta #1 SMP Wed Oct 30 22:54:40 CET 2013 x86_64<br \/>\nWelcome to VyOS.<br \/>\nThis system is open-source software. The exact distribution terms for<br \/>\neach module comprising the full system are described in the individual<br \/>\nfiles in \/usr\/share\/doc\/*\/copyright.<br \/>\nLast login: Thu Jul  3 08:23:57 2014 from 192.168.122.1<br \/>\nvyos@vyos:~$<br \/>\n<\/code><\/p>\n<h2>\u30af\u30e9\u30a4\u30a2\u30f3\u30c8PC\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3068\u8a2d\u5b9a<\/h2>\n<p>\u30af\u30e9\u30a4\u30a2\u30f3\u30c8PC\u3068\u306a\u308b\u4eee\u60f3\u30b5\u30fc\u30d0\u306b\u306f Ubuntu 12.04 LTS \u3092\u7528\u3044\u307e\u3059\u3002<\/p>\n<p>IP\u30a2\u30c9\u30ec\u30b9\u3068\u30c7\u30d5\u30a9\u30eb\u30c8\u30b2\u30fc\u30c8\u30a6\u30a7\u30a4\u3092\u8a2d\u5b9a\u3057\u307e\u3059\u3002\u5148\u306e\u524d\u63d0\u3068\u3059\u308b\u74b0\u5883\u304b\u3089 eth0 \u306f\u7528\u3044\u305a\u3001eth1 \u3092 <strong>192.168.100.101<\/strong>\u3001\u30c7\u30d5\u30a9\u30eb\u30c8\u30b2\u30fc\u30c8\u30a6\u30a7\u30a4\u306f <strong>192.168.100.10<\/strong> (VyOS \u306e eth1 \u5074) \u3068\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nubuntu@ubuntu:~$ cat \/etc\/network\/interfaces<br \/>\n# This file describes the network interfaces available on your system<br \/>\n# and how to activate them. For more information, see interfaces(5).<\/code><\/p>\n<p><code><code><\/code><\/code><\/p>\n<p># The loopback network interface<br \/>\nauto lo<br \/>\niface lo inet loopback<\/p>\n<p><code><code><\/code><\/code><\/p>\n<p># The primary network interface<br \/>\nauto eth0<\/p>\n<p><code><br \/>\n<\/code><\/p>\n<p><code># The secondary network interface<br \/>\nauto eth1<br \/>\niface eth1 inet static<br \/>\naddress\t\t192.168.100.101<br \/>\nnetmask\t\t255.255.255.0<br \/>\nbroadcast\t192.168.100.255<br \/>\ngateway\t\t192.168.100.10<br \/>\nubuntu@ubuntu:~$<br \/>\n<\/code><\/p>\n<h2>\u30aa\u30d5\u30a3\u30b9\u5074 VyOS \u306e IPsec VPN \u8a2d\u5b9a<\/h2>\n<p>IPsec \u306e\u63a5\u7d9a\u3092\u78ba\u7acb\u306b\u306f\u3044\u304f\u3064\u3082\u306e\u6bb5\u968e\u3092\u8e0f\u307f\u307e\u3059\u304c\u3001\u3053\u3053\u3067\u306f\u7701\u7565\u3057\u307e\u3059\u3002\u307e\u305f\u3001IPsec \u306e\u7528\u8a9e\u306b\u3064\u3044\u3066\u3082\u8a73\u3057\u3044\u8aac\u660e\u306f\u7701\u304d\u307e\u3059\u3002\u8a73\u7d30\u306f IPsec \u306e\u5c02\u9580\u66f8\u7b49\u3092\u53c2\u7167\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<p>\u307e\u305a IPsec \u3092\u6709\u52b9\u306b\u3059\u308b\u30a4\u30f3\u30bf\u30fc\u30d5\u30a7\u30a4\u30b9\u3092 VyOS \u306e\u30d1\u30d6\u30ea\u30c3\u30af\u5074\u306e <strong>eth0<\/strong> \u306b\u8a2d\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyos@vyos# set vpn ipsec ipsec-interfaces interface eth0<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<p>NAT \u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u3092\u6709\u52b9\u306b\u3057\u307e\u3059\u3002\u8a31\u53ef\u3059\u308b\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306f SoftLayer \u306e\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af <strong>10.110.42.192\/26<\/strong> \u3067\u3059\u3002<\/p>\n<p><code><br \/>\nvyos@vyos# set vpn ipsec nat-traversal enable<br \/>\n[edit]<br \/>\nvyos@vyos# set vpn ipsec nat-networks allowed-network 10.110.42.192\/26<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<h3>IKE \u3068 ESP \u306e\u8a2d\u5b9a<\/h3>\n<p>IKE (Internet Key Exchange) \u306e\u30b0\u30eb\u30fc\u30d7\u540d\u3092 <strong>IKE-1-EAST<\/strong> \u3068\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyos@vyos# set vpn ipsec ike-group IKE-1-EAST<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<p>1\u3064\u76ee\u306e Proposal (\u63d0\u6848) \u306f\u6697\u53f7\u30a2\u30eb\u30b4\u30ea\u30ba\u30e0\u3092 <strong>aes256<\/strong>\u3001\u30cf\u30c3\u30b7\u30e5\u30a2\u30eb\u30b4\u30ea\u30ba\u30e0\u3092 <strong>sha1<\/strong> \u3068\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyos@vyos# set vpn ipsec ike-group IKE-1-EAST proposal 1 encryption aes256<br \/>\n[edit]<br \/>\nvyos@vyos# set vpn ipsec ike-group IKE-1-EAST proposal 1 hash sha1<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<p>2\u3064\u76ee\u306e Proposal \u306f <strong>aes128<\/strong>\u3001<strong>sha1<\/strong> \u3068\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyos@vyos# set vpn ipsec ike-group IKE-1-EAST proposal 2 encryption aes128<br \/>\n[edit]<br \/>\nvyos@vyos# set vpn ipsec ike-group IKE-1-EAST proposal 2 hash sha1<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<p>IKE \u306e lifetime \u306f <strong>3600<\/strong> \u3068\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyos@vyos# set vpn ipsec ike-group IKE-1-EAST lifetime 3600<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<p>ESP (Encapsulated Security Payload) \u306e\u30b0\u30eb\u30fc\u30d7\u540d\u3092 <strong>ESP-1-EAST<\/strong> \u3068\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyos@vyos# set vpn ipsec esp-group ESP-1-EAST<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<p>ESP \u306e Proposal \u306f IKE \u3068\u540c\u69d8\u306b\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyos@vyos# set vpn ipsec esp-group ESP-1-EAST proposal 1 encryption aes256<br \/>\n[edit]<br \/>\nvyos@vyos# set vpn ipsec esp-group ESP-1-EAST proposal 1 hash sha1<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<p><code><br \/>\nvyos@vyos# set vpn ipsec esp-group ESP-1-EAST proposal 2 encryption aes128<br \/>\n[edit]<br \/>\nvyos@vyos# set vpn ipsec esp-group ESP-1-EAST proposal 2 hash sha1<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<p>ESP \u306e lifetime \u306f <strong>3600<\/strong> \u3068\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyos@vyos# set vpn ipsec esp-group ESP-1-EAST lifetime 3600<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<h3>\u30d4\u30a2\u30ea\u30f3\u30b0\u306e\u8a2d\u5b9a<\/h3>\n<p>SoftLayer \u5074\u306e Vyatta \u3068\u63a5\u7d9a\u3059\u308b\u305f\u3081\u306e\u8a2d\u5b9a\u3092\u884c\u3044\u307e\u3059\u3002<\/p>\n<p>\u63a5\u7d9a\u5148\u306b SoftLayer \u5074\u306e Vyatta \u306e\u30d1\u30d6\u30ea\u30c3\u30af IP \u30a2\u30c9\u30ec\u30b9 <strong>119.XXX.XXX.243<\/strong> \u3092\u6307\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyos@vyos# set vpn ipsec site-to-site peer 119.XXX.XXX.243<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<p>\u8a8d\u8a3c\u30e2\u30fc\u30c9\u306b\u4e8b\u524d\u5171\u6709\u79d8\u5bc6 (<strong>pre-shared-secret<\/strong>) \u65b9\u5f0f\u3092\u6307\u5b9a\u3057\u3001\u4e8b\u524d\u5171\u6709\u79d8\u5bc6\u3068\u3057\u3066\u4efb\u610f\u306e\u6587\u5b57\u5217\u3092\u8a2d\u5b9a\u3057\u307e\u3059\u3002\u4e8b\u524d\u5171\u6709\u79d8\u5bc6\u306e\u6587\u5b57\u5217\u306f\u30d4\u30a2\u30ea\u30f3\u30b0\u3059\u308b\u4e21\u8005\u3067\u4e00\u81f4\u3057\u3066\u3044\u306a\u3051\u308c\u3070\u3044\u3051\u307e\u305b\u3093\u3002<\/p>\n<p><code><br \/>\nvyos@vyos# set vpn ipsec site-to-site peer 119.XXX.XXX.243 authentication mode pre-shared-secret<br \/>\n[edit]<br \/>\nvyos@vyos# set vpn ipsec site-to-site peer 119.XXX.XXX.243 authentication pre-shared-secret PRE_SHARED_SECRET<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<p>\u5148\u306b\u8a2d\u5b9a\u3057\u305f <strong>ESP-1-EAST<\/strong> \u3068 <strong>IKE-1-EAST<\/strong> \u3092\u305d\u308c\u305e\u308c\u6307\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyos@vyos# set vpn ipsec site-to-site peer 119.XXX.XXX.243 default-esp-group ESP-1-EAST<br \/>\n[edit]<br \/>\nvyos@vyos# set vpn ipsec site-to-site peer 119.XXX.XXX.243 ike-group IKE-1-EAST<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<p>\u30aa\u30d5\u30a3\u30b9\u306e VyOS \u306e\u30d1\u30d6\u30ea\u30c3\u30af\u5074\u306e IP \u30a2\u30c9\u30ec\u30b9 <strong>192.168.122.10<\/strong> \u3092\u6307\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyos@vyos# set vpn ipsec site-to-site peer 119.XXX.XXX.243 local-address 192.168.122.10<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<p>\u30c8\u30f3\u30cd\u30eb\u306e\u30ed\u30fc\u30ab\u30eb\u5074\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306f\u30aa\u30d5\u30a3\u30b9\u306e\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30a2\u30c9\u30ec\u30b9 <strong>192.168.122.0\/24<\/strong> \u3092\u3001\u30ea\u30e2\u30fc\u30c8\u5074\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306f SoftLayer \u306e\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30a2\u30c9\u30ec\u30b9 <strong>10.110.42.192\/26<\/strong> \u3092\u6307\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyos@vyos# set vpn ipsec site-to-site peer 119.XXX.XXX.243 tunnel 1 local prefix 192.168.122.0\/24<br \/>\n[edit]<br \/>\nvyos@vyos# set vpn ipsec site-to-site peer 119.XXX.XXX.243 tunnel 1 remote prefix 10.110.42.192\/26<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<h3>\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u306e\u8a2d\u5b9a<\/h3>\n<p>\u30aa\u30d5\u30a3\u30b9\u306e\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u3068\u3001SoftLayer \u5074 Vyatta \u306e\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306e\u307f\u3092\u8a31\u53ef\u3059\u308b\u3088\u3046\u8a2d\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyos@vyos# set firewall name office-fw<br \/>\n[edit]<br \/>\nvyos@vyos# set firewall name office-fw default-action drop<br \/>\n[edit]<br \/>\nvyos@vyos# set firewall name office-fw enable-default-log<br \/>\n[edit]<br \/>\nvyos@vyos# set firewall name office-fw rule 100 action accept<br \/>\n[edit]<br \/>\nvyos@vyos# set firewall name office-fw rule 100 source address 192.168.0.0\/16<br \/>\n[edit]<br \/>\nvyos@vyos# set firewall name office-fw rule 200 action accept<br \/>\n[edit]<br \/>\nvyos@vyos# set firewall name office-fw rule 200 source address 119.XXX.XXX.243<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<p>\u78ba\u7acb\u3057\u305f\u30bb\u30c3\u30b7\u30e7\u30f3\u3068\u95a2\u4fc2\u3059\u308b\u30bb\u30c3\u30b7\u30e7\u30f3\u3092\u8a31\u53ef\u3059\u308b\u3088\u3046\u8a2d\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyos@vyos# set firewall state-policy established action accept<br \/>\n[edit]<br \/>\nvyos@vyos# set firewall state-policy related action accept<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<p>\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u306e\u30eb\u30fc\u30eb\u3092 <strong>eth0<\/strong> \u306b\u9069\u7528\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyos@vyos# set interfaces ethernet eth0 firewall local name office-fw<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<p>\u8a2d\u5b9a\u3092\u53cd\u6620\u3057\u3066\u4fdd\u5b58\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyos@vyos# commit<br \/>\n[edit]<br \/>\nvyos@vyos# save<br \/>\nSaving configuration to '\/config\/config.boot'...<br \/>\nDone<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<h3>\u8a2d\u5b9a\u78ba\u8a8d<\/h3>\n<p>\u30aa\u30d5\u30a3\u30b9\u5074 VyOS \u306e IPsec VPN \u8a2d\u5b9a\u3068\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u8a2d\u5b9a\u306f\u6b21\u306e\u901a\u308a\u3067\u3059\u3002<\/p>\n<p><code><br \/>\nvyos@vyos# show vpn<br \/>\nipsec {<br \/>\nesp-group ESP-1-EAST {<br \/>\ncompression disable<br \/>\nlifetime 3600<br \/>\nmode tunnel<br \/>\npfs enable<br \/>\nproposal 1 {<br \/>\nencryption aes256<br \/>\nhash sha1<br \/>\n}<br \/>\nproposal 2 {<br \/>\nencryption aes128<br \/>\nhash sha1<br \/>\n}<br \/>\n}<br \/>\nike-group IKE-1-EAST {<br \/>\nlifetime 3600<br \/>\nproposal 1 {<br \/>\nencryption aes256<br \/>\nhash sha1<br \/>\n}<br \/>\nproposal 2 {<br \/>\nencryption aes128<br \/>\nhash sha1<br \/>\n}<br \/>\n}<br \/>\nipsec-interfaces {<br \/>\ninterface eth0<br \/>\n}<br \/>\nnat-networks {<br \/>\nallowed-network 10.110.42.192\/26 {<br \/>\n}<br \/>\n}<br \/>\nnat-traversal enable<br \/>\nsite-to-site {<br \/>\npeer 119.XXX.XXX.243 {<br \/>\nauthentication {<br \/>\nmode pre-shared-secret<br \/>\npre-shared-secret PRE_SHARED_SECRET<br \/>\n}<br \/>\ndefault-esp-group ESP-1-EAST<br \/>\nike-group IKE-1-EAST<br \/>\nlocal-address 192.168.122.10<br \/>\ntunnel 1 {<br \/>\nlocal {<br \/>\nprefix 192.168.122.0\/24<br \/>\n}<br \/>\nremote {<br \/>\nprefix 10.110.42.192\/26<br \/>\n}<br \/>\n}<br \/>\n}<br \/>\n}<br \/>\n}<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<p><code><br \/>\nvyos@vyos# show firewall<br \/>\nname office-fw {<br \/>\ndefault-action drop<br \/>\nenable-default-log<br \/>\nrule 100 {<br \/>\naction accept<br \/>\nsource {<br \/>\naddress 192.168.0.0\/16<br \/>\n}<br \/>\n}<br \/>\nrule 200 {<br \/>\naction accept<br \/>\nsource {<br \/>\naddress 119.XXX.XXX.243<br \/>\n}<br \/>\n}<br \/>\n}<br \/>\nstate-policy {<br \/>\nestablished {<br \/>\naction accept<br \/>\n}<br \/>\nrelated {<br \/>\naction accept<br \/>\n}<br \/>\n}<br \/>\n[edit]<br \/>\nvyos@vyos# <\/code><\/p>\n<p><code><br \/>\n<\/code><\/p>\n<p><code>vyos@vyos# show interfaces ethernet eth0<br \/>\naddress 192.168.122.10\/24<br \/>\ndescription OUTSIDE<br \/>\nduplex auto<br \/>\nfirewall {<br \/>\nlocal {<br \/>\nname office-fw<br \/>\n}<br \/>\n}<br \/>\nhw-id 52:54:00:e0:0d:df<br \/>\nsmp_affinity auto<br \/>\nspeed auto<br \/>\n[edit]<br \/>\nvyos@vyos#<br \/>\n<\/code><\/p>\n<h2>SoftLayer \u5074 Vyatta \u306e IPsec VPN \u8a2d\u5b9a<\/h2>\n<p>\u30aa\u30d5\u30a3\u30b9\u5074\u306e VyOS \u3068\u540c\u69d8\u3001SoftLayer \u5074\u306e Vyatta \u306e\u8a2d\u5b9a\u3092\u884c\u3044\u307e\u3059\u3002<\/p>\n<p>IPsec \u3092\u6709\u52b9\u306b\u3059\u308b\u30a4\u30f3\u30bf\u30fc\u30d5\u30a7\u30a4\u30b9\u3092 Vyatta \u306e\u30d1\u30d6\u30ea\u30c3\u30af\u5074\u306e <strong>eth1<\/strong> \u306b\u8a2d\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyatta@vyatta-sl# set vpn ipsec ipsec-interfaces interface eth1<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl#<br \/>\n<\/code><\/p>\n<p>NAT \u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u3092\u6709\u52b9\u306b\u3057\u307e\u3059\u3002\u8a31\u53ef\u3059\u308b\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306f\u30aa\u30d5\u30a3\u30b9\u306e\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30a2\u30c9\u30ec\u30b9 <strong>192.168.122.0\/24<\/strong> \u3067\u3059\u3002<\/p>\n<p><code><br \/>\nvyatta@vyatta-sl# set vpn ipsec nat-traversal enable<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set vpn ipsec nat-networks allowed-network 192.168.122.0\/24<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl#<br \/>\n<\/code><\/p>\n<h3>IKE \u3068 ESP \u306e\u8a2d\u5b9a<\/h3>\n<p>\u30b0\u30eb\u30fc\u30d7\u540d\u4ee5\u5916\u306e\u8a2d\u5b9a\u306f\u3001\u30d4\u30a2\u30ea\u30f3\u30b0\u3059\u308b\u4e21\u8005\u3067\u4e00\u81f4\u3057\u3066\u3044\u306a\u3051\u308c\u3070\u3044\u3051\u307e\u305b\u3093\u3002<\/p>\n<p>IKE \u306e\u30b0\u30eb\u30fc\u30d7\u540d\u3092 <strong>IKE-1-WEST<\/strong> \u3068\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyatta@vyatta-sl# set vpn ipsec ike-group IKE-1-WEST<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl#<br \/>\n<\/code><\/p>\n<p>1\u3064\u76ee\u306e Proposal \u306f\u6697\u53f7\u30a2\u30eb\u30b4\u30ea\u30ba\u30e0\u3092 <strong>aes256<\/strong>\u3001\u30cf\u30c3\u30b7\u30e5\u30a2\u30eb\u30b4\u30ea\u30ba\u30e0\u3092 <strong>sha1<\/strong> \u3068\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyatta@vyatta-sl# set vpn ipsec ike-group IKE-1-WEST proposal 1 encryption aes256<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set vpn ipsec ike-group IKE-1-WEST proposal 1 hash sha1<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl#<br \/>\n<\/code><\/p>\n<p>2\u3064\u76ee\u306e Proposal \u306f <strong>aes128<\/strong>\u3001<strong>sha1<\/strong> \u3068\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyatta@vyatta-sl# set vpn ipsec ike-group IKE-1-WEST proposal 2 encryption aes128<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set vpn ipsec ike-group IKE-1-WEST proposal 2 hash sha1<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl#<br \/>\n<\/code><\/p>\n<p>IKE \u306e lifetime \u306f <strong>3600<\/strong> \u3068\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyatta@vyatta-sl# set vpn ipsec ike-group IKE-1-WEST lifetime 3600<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl#<br \/>\n<\/code><\/p>\n<p>ESP \u306e\u30b0\u30eb\u30fc\u30d7\u540d\u3092 <strong>ESP-1-WEST<\/strong> \u3068\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyatta@vyatta-sl# set vpn ipsec esp-group ESP-1-WEST<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl#<br \/>\n<\/code><\/p>\n<p>ESP \u306e Proposal \u306f IKE \u3068\u540c\u69d8\u306b\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyatta@vyatta-sl# set vpn ipsec esp-group ESP-1-WEST proposal 1 encryption aes256<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set vpn ipsec esp-group ESP-1-WEST proposal 1 hash sha1<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl#<br \/>\n<\/code><\/p>\n<p><code><br \/>\nvyatta@vyatta-sl# set vpn ipsec esp-group ESP-1-WEST proposal 2 encryption aes128<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set vpn ipsec esp-group ESP-1-WEST proposal 2 hash sha1<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl#<br \/>\n<\/code><\/p>\n<p>ESP \u306e lifetime \u306f <strong>3600<\/strong> \u3068\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyatta@vyatta-sl# set vpn ipsec esp-group ESP-1-WEST lifetime 3600<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl#<br \/>\n<\/code><\/p>\n<h3>\u30d4\u30a2\u30ea\u30f3\u30b0\u306e\u8a2d\u5b9a<\/h3>\n<p>\u30aa\u30d5\u30a3\u30b9\u5074\u306e VyOS \u3068\u63a5\u7d9a\u3059\u308b\u305f\u3081\u306e\u8a2d\u5b9a\u3092\u884c\u3044\u307e\u3059\u3002<\/p>\n<p>\u30aa\u30d5\u30a3\u30b9\u5074\u306e VyOS \u306f\u30d6\u30ed\u30fc\u30c9\u30d0\u30f3\u30c9\u30eb\u30fc\u30bf\u306b\u3088\u308b\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u63a5\u7d9a\u306e\u305f\u3081\u3001IP \u30a2\u30c9\u30ec\u30b9\u304c\u4e0d\u5b9a\u3067\u3059\u3002\u3088\u3063\u3066\u3001\u4efb\u610f\u306e IP \u30a2\u30c9\u30ec\u30b9\u3092\u610f\u5473\u3059\u308b <strong>0.0.0.0<\/strong> \u3092\u6307\u5b9a\u3057\u307e\u3059\u3002\u3053\u306e\u5834\u5408\u3001\u30aa\u30d5\u30a3\u30b9\u5074\u306e VyOS \u304b\u3089 SoftLayer \u5074\u306e Vyatta \u306b\u5bfe\u3057\u3066\u63a5\u7d9a\u3092\u958b\u59cb\u3059\u308b\u5f62\u3068\u306a\u308a\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyatta@vyatta-sl# set vpn ipsec site-to-site peer 0.0.0.0<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl#<br \/>\n<\/code><\/p>\n<p>\u8a8d\u8a3c\u30e2\u30fc\u30c9\u306b <strong>pre-shared-secret<\/strong> \u65b9\u5f0f\u3092\u6307\u5b9a\u3057\u3001\u30aa\u30d5\u30a3\u30b9\u5074\u306e VyOS \u3067\u6307\u5b9a\u3057\u305f\u3082\u306e\u3068\u540c\u3058\u6587\u5b57\u5217\u3092\u8a2d\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyatta@vyatta-sl# set vpn ipsec site-to-site peer 0.0.0.0 authentication mode pre-shared-secret<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set vpn ipsec site-to-site peer 0.0.0.0 authentication pre-shared-secret PRE_SHARED_SECRET<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl#<br \/>\n<\/code><\/p>\n<p>\u5148\u306b\u8a2d\u5b9a\u3057\u305f <strong>ESP-1-EAST<\/strong> \u3068 <strong>IKE-1-EAST<\/strong> \u3092\u305d\u308c\u305e\u308c\u6307\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyatta@vyatta-sl# set vpn ipsec site-to-site peer 0.0.0.0 default-esp-group ESP-1-WEST<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set vpn ipsec site-to-site peer 0.0.0.0 ike-group IKE-1-WEST<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl#<br \/>\n<\/code><\/p>\n<p>SoftLayer \u306e Vyatta \u306e\u30d1\u30d6\u30ea\u30c3\u30af\u5074\u306e IP \u30a2\u30c9\u30ec\u30b9 <strong>119.XXX.XXX.243<\/strong> \u3092\u6307\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyatta@vyatta-sl# set vpn ipsec site-to-site peer 0.0.0.0 local-address 119.XXX.XXX.243<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl#<br \/>\n<\/code><\/p>\n<p>\u30c8\u30f3\u30cd\u30eb\u306e\u30ed\u30fc\u30ab\u30eb\u5074\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306f SoftLayer \u306e Vyatta \u306e\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u5074\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30a2\u30c9\u30ec\u30b9 <strong>10.110.42.192\/26<\/strong> \u3092\u3001\u30ea\u30e2\u30fc\u30c8\u5074\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306f\u30aa\u30d5\u30a3\u30b9\u306e\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30a2\u30c9\u30ec\u30b9 <strong>192.168.122.0\/24<\/strong> \u3092\u6307\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyatta@vyatta-sl# set vpn ipsec site-to-site peer 0.0.0.0 tunnel 1 local prefix 10.110.42.192\/26<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set vpn ipsec site-to-site peer 0.0.0.0 tunnel 1 remote prefix 192.168.122.0\/24<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl#<br \/>\n<\/code><\/p>\n<h3>\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u306e\u8a2d\u5b9a<\/h3>\n<p>\u304a\u4e92\u3044\u306e\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u3068\u3001IPsec \u306e\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u307f\u3092\u8a31\u53ef\u3059\u308b\u3088\u3046\u8a2d\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyatta@vyatta-sl# set firewall name sl-fw<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set firewall name sl-fw default-action drop<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set firewall name sl-fw enable-default-log<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set firewall name sl-fw rule 100 action accept<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set firewall name sl-fw rule 100 source address 10.0.0.0\/8<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set firewall name sl-fw rule 110 action accept<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set firewall name sl-fw rule 110 source address 192.168.0.0\/16<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set firewall name sl-fw rule 120 action accept<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set firewall name sl-fw rule 120 destination port 500<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set firewall name sl-fw rule 120 protocol udp<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set firewall name sl-fw rule 130 action accept<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set firewall name sl-fw rule 130 destination port 4500<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set firewall name sl-fw rule 130 protocol udp<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set firewall name sl-fw rule 140 action accept<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set firewall name sl-fw rule 140 protocol esp<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl#<br \/>\n<\/code><\/p>\n<p>\u78ba\u7acb\u3057\u305f\u30bb\u30c3\u30b7\u30e7\u30f3\u3068\u95a2\u4fc2\u3059\u308b\u30bb\u30c3\u30b7\u30e7\u30f3\u3092\u8a31\u53ef\u3059\u308b\u3088\u3046\u8a2d\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyatta@vyatta-sl# set firewall state-policy established action accept<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set firewall state-policy related action accept<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl#<br \/>\n<\/code><\/p>\n<p>\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u306e\u30eb\u30fc\u30eb\u3092 <strong>eth1<\/strong> \u306b\u9069\u7528\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyatta@vyatta-sl# set interfaces ethernet eth1 firewall in name sl-fw<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set interfaces ethernet eth1 firewall local name sl-fw<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl#<br \/>\n<\/code><\/p>\n<p>eth0 \u5074\u306b NAT \u3092\u8a2d\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyatta@vyatta-sl# set nat source rule 10 outbound-interface eth0<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set nat source rule 10 source address 192.168.0.0\/16<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# set nat source rule 10 translation address masquerade<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl#<br \/>\n<\/code><\/p>\n<p>\u8a2d\u5b9a\u3092\u53cd\u6620\u3057\u3066\u4fdd\u5b58\u3057\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nvyatta@vyatta-sl# commit<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# save<br \/>\nSaving configuration to '\/config\/config.boot'...<br \/>\nDone<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl#<br \/>\n<\/code><\/p>\n<h3>\u8a2d\u5b9a\u78ba\u8a8d<\/h3>\n<p>SoftLayer \u5074 Vyatta \u306e IPsec VPN \u8a2d\u5b9a\u3068\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u8a2d\u5b9a\u306f\u6b21\u306e\u901a\u308a\u3067\u3059\u3002<\/p>\n<p><code><br \/>\nvyatta@vyatta-sl# show vpn<br \/>\nipsec {<br \/>\nesp-group ESP-1-WEST {<br \/>\nlifetime 3600<br \/>\nproposal 1 {<br \/>\nencryption aes256<br \/>\nhash sha1<br \/>\n}<br \/>\nproposal 2 {<br \/>\nencryption aes128<br \/>\nhash sha1<br \/>\n}<br \/>\n}<br \/>\nike-group IKE-1-WEST {<br \/>\nlifetime 3600<br \/>\nproposal 1 {<br \/>\nencryption aes256<br \/>\nhash sha1<br \/>\n}<br \/>\nproposal 2 {<br \/>\nencryption aes128<br \/>\nhash sha1<br \/>\n}<br \/>\n}<br \/>\nipsec-interfaces {<br \/>\ninterface eth1<br \/>\n}<br \/>\nnat-networks {<br \/>\nallowed-network 192.168.122.0\/24 {<br \/>\n}<br \/>\n}<br \/>\nnat-traversal enable<br \/>\nsite-to-site {<br \/>\npeer 0.0.0.0 {<br \/>\nauthentication {<br \/>\nmode pre-shared-secret<br \/>\npre-shared-secret PRE_SHARED_SECRET<br \/>\n}<br \/>\ndefault-esp-group ESP-1-WEST<br \/>\nike-group IKE-1-WEST<br \/>\nlocal-address 119.XXX.XXX.243<br \/>\ntunnel 1 {<br \/>\nlocal {<br \/>\nprefix 10.110.42.192\/26<br \/>\n}<br \/>\nremote {<br \/>\nprefix 192.168.122.0\/24<br \/>\n}<br \/>\n}<br \/>\n}<br \/>\n}<br \/>\n}<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl#<br \/>\n<\/code><\/p>\n<p><code><br \/>\nvyatta@vyatta-sl# show firewall<br \/>\nname sl-fw {<br \/>\ndefault-action drop<br \/>\nenable-default-log<br \/>\nrule 100 {<br \/>\naction accept<br \/>\nsource {<br \/>\naddress 10.0.0.0\/8<br \/>\n}<br \/>\n}<br \/>\nrule 110 {<br \/>\naction accept<br \/>\nsource {<br \/>\naddress 192.168.0.0\/16<br \/>\n}<br \/>\n}<br \/>\nrule 120 {<br \/>\naction accept<br \/>\ndestination {<br \/>\nport 500<br \/>\n}<br \/>\nprotocol udp<br \/>\n}<br \/>\nrule 130 {<br \/>\naction accept<br \/>\ndestination {<br \/>\nport 4500<br \/>\n}<br \/>\nprotocol udp<br \/>\n}<br \/>\nrule 140 {<br \/>\naction accept<br \/>\nprotocol esp<br \/>\n}<br \/>\n}<br \/>\nstate-policy {<br \/>\nestablished {<br \/>\naction accept<br \/>\n}<br \/>\nrelated {<br \/>\naction accept<br \/>\n}<br \/>\n}<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl# <\/code><\/p>\n<p><code><code><\/code><\/code><\/p>\n<p>vyatta@vyatta-sl# show interfaces ethernet eth1<br \/>\naddress 119.XXX.XXX.243\/28<br \/>\nduplex auto<br \/>\nfirewall {<br \/>\nin {<br \/>\nname sl-fw<br \/>\n}<br \/>\nlocal {<br \/>\nname sl-fw<br \/>\n}<br \/>\n}<br \/>\nhw-id 06:b1:db:d8:47:3f<br \/>\nsmp_affinity auto<br \/>\nspeed auto<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl#<\/p>\n<p><code><br \/>\n<\/code><\/p>\n<p><code>vyatta@vyatta-sl# show nat<br \/>\nsource {<br \/>\nrule 10 {<br \/>\noutbound-interface eth0<br \/>\nsource {<br \/>\naddress 192.168.0.0\/16<br \/>\n}<br \/>\ntranslation {<br \/>\naddress masquerade<br \/>\n}<br \/>\n}<br \/>\n}<br \/>\n[edit]<br \/>\nvyatta@vyatta-sl#<br \/>\n<\/code><\/p>\n<h2>\u63a5\u7d9a\u78ba\u8a8d<\/h2>\n<p>\u30aa\u30d5\u30a3\u30b9\u5074\u306e VyOS\u3001SoftLayer \u5074\u306e Vyatta \u306e\u305d\u308c\u305e\u308c\u3067 <strong>show vpn ike sa<\/strong> \u3092\u5b9f\u884c\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<p><code><br \/>\nvyos@vyos:~$ show vpn ike sa<br \/>\nPeer ID \/ IP                            Local ID \/ IP<br \/>\n------------                            -------------<br \/>\n119.XXX.XXX.243                          192.168.122.10                         <\/code><\/p>\n<p><code><code><\/code><\/code><\/p>\n<p>State Encrypt Hash D-H Grp NAT-T A-Time L-Time<br \/>\n----- ------- ---- ------- ----- ------ ------<br \/>\nup aes256 sha1 5 yes 1205 3600<\/p>\n<p><code><br \/>\n<\/code><\/p>\n<p><code>vyos@vyos:~$<br \/>\n<\/code><\/p>\n<p><code><br \/>\nvyatta@vyatta-sl:~$ show vpn ike sa<br \/>\nPeer ID \/ IP                            Local ID \/ IP<br \/>\n------------                            -------------<br \/>\nxxx.xxx.xxx.xxx                         119.XXX.XXX.243                         <\/code><\/p>\n<p><code><code><\/code><\/code><\/p>\n<p>State Encrypt Hash D-H Grp NAT-T A-Time L-Time<br \/>\n----- ------- ---- ------- ----- ------ ------<br \/>\nup aes256 sha1 5 yes 1480 3600<\/p>\n<p><code><br \/>\n<\/code><\/p>\n<p><code>vyatta@vyatta-sl:~$<br \/>\n<\/code><\/p>\n<p>\u4e21\u65b9\u306e State \u304c <strong>up<\/strong> \u306b\u306a\u3063\u3066\u3044\u308c\u3070\u3001IPsec VPN \u63a5\u7d9a\u304c\u78ba\u7acb\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>\u30aa\u30d5\u30a3\u30b9\u5074\u306e\u30af\u30e9\u30a4\u30a2\u30f3\u30c8 PC \u306b\u30ed\u30b0\u30a4\u30f3\u3057\u3001SoftLayer \u5074\u306e\u30b5\u30fc\u30d0 PC \u306b\u5bfe\u3057\u3066 ping \u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u3057\u3066\u307f\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nubuntu@ubuntu:~$ ping -c 4 10.110.43.197<br \/>\nPING 10.110.43.197 (10.110.43.197) 56(84) bytes of data.<br \/>\n64 bytes from 10.110.43.197: icmp_req=1 ttl=62 time=68.4 ms<br \/>\n64 bytes from 10.110.43.197: icmp_req=2 ttl=62 time=68.6 ms<br \/>\n64 bytes from 10.110.43.197: icmp_req=3 ttl=62 time=71.8 ms<br \/>\n64 bytes from 10.110.43.197: icmp_req=4 ttl=62 time=68.5 ms<\/code><\/p>\n<p><code><br \/>\n<\/code><\/p>\n<p><code>--- 10.110.43.197 ping statistics ---<br \/>\n4 packets transmitted, 4 received, 0% packet loss, time 3005ms<br \/>\nrtt min\/avg\/max\/mdev = 68.464\/69.367\/71.892\/1.470 ms<br \/>\nubuntu@ubuntu:~$<br \/>\n<\/code><\/p>\n<p>\u5fdc\u7b54\u304c\u3042\u308a\u307e\u3057\u305f\u3002traceroute \u30b3\u30de\u30f3\u30c9\u3067\u7d4c\u8def\u3092\u78ba\u8a8d\u3057\u3066\u307f\u307e\u3059\u3002<\/p>\n<p><code><br \/>\nubuntu@ubuntu:~$ traceroute 10.110.43.197<br \/>\ntraceroute to 10.110.43.197 (10.110.43.197), 30 hops max, 60 byte packets<br \/>\n1  192.168.100.10 (192.168.100.10)  0.408 ms  0.400 ms  0.392 ms<br \/>\n2  * * *<br \/>\n3  10.110.43.197 (10.110.43.197)  69.073 ms  69.052 ms  69.061 ms<br \/>\nubuntu@ubuntu:~$<br \/>\n<\/code><\/p>\n<p>\u30aa\u30d5\u30a3\u30b9\u3068 SoftLayer \u306e\u305d\u308c\u305e\u308c\u306e\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u304c IPsec VPN \u306b\u3088\u3063\u3066\u63a5\u7d9a\u3055\u308c\u3066\u3044\u308b\u3053\u3068\u304c\u308f\u304b\u308a\u307e\u3059\u3002<\/p>\n<h2>\u307e\u3068\u3081<\/h2>\n<p>\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30eb\u30fc\u30bf\u306e Vyatta \u3068 VyOS \u3092\u7528\u3044\u3066\u3001SoftLayer\u3068\u30aa\u30d5\u30a3\u30b9\u3092 IPsec VPN \u3057\u3066\u307f\u307e\u3057\u305f\u3002\u305f\u3060\u3057\u3001\u73fe\u72b6\u3067\u306f\u5b9f\u969b\u306e\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306e\u5229\u7528\u306a\u3069\u306f\u884c\u3063\u3066\u3044\u307e\u305b\u3093\u3002\u6b21\u306e\u8a18\u4e8b\u3067\u3055\u3089\u306b IPsec VPN \u306e\u5229\u7528\u306b\u3064\u3044\u3066\u898b\u3066\u3044\u304d\u307e\u3059\u3002<\/p>\n<h3>\u53c2\u8003\u6587\u732e<\/h3>\n<ul>\n<li><a href=\"http:\/\/www.infraexpert.com\/study\/study10.html\">IPsec\u3068\u306f<\/a><\/li>\n<li><a href=\"http:\/\/vyos.net\/wiki\/Main_Page\">VyOS Wiki<\/a><\/li>\n<li><a href=\"http:\/\/wiki.vyos-users.jp\/%E3%83%A1%E3%82%A4%E3%83%B3%E3%83%9A%E3%83%BC%E3%82%B8\">VyOS Wiki (\u65e5\u672c\u8a9e)<\/a><\/li>\n<li><a href=\"https:\/\/www.ibm.com\/developerworks\/community\/wikis\/home?lang=en#!\/wiki\/W2e55790226f1_47d0_a63b_84202b05783a\/page\/%E4%BB%AE%E6%83%B3%E3%83%AB%E3%83%BC%E3%82%BF%E3%83%BCVyatta%E3%82%92%E4%BD%BF%E3%81%A3%E3%81%A6%E3%80%81SoftLayer%E3%81%A8%E3%82%AA%E3%83%95%E3%82%A3%E3%82%B9%E3%82%92%E7%9B%B4%E7%B5%90%E3%81%99%E3%82%8B\">\u4eee\u60f3\u30eb\u30fc\u30bf\u30fcVyatta\u3092\u4f7f\u3063\u3066\u3001SoftLayer\u3068\u30aa\u30d5\u30a3\u30b9\u3092\u76f4\u7d50\u3059\u308b<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>VyOS \u3068\u306f VyOS \u3068\u306f\u3001\u30aa\u30fc\u30d7\u30f3\u30bd\u30fc\u30b9\u3067\u958b\u767a\u3055\u308c\u3066\u3044\u308b\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30eb\u30fc\u30bf\u3067\u3059\u3002Debian GNU\/Linux \u3092\u30d9\u30fc\u30b9\u3068\u3057\u3001\u30eb\u30fc\u30bf\u3068\u3057\u3066\u52d5\u4f5c\u3059\u308b\u305f\u3081\u306e\u3055\u307e\u3056\u307e\u306a\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u3084\u7ba1\u7406\u7528\u306e\u30b3\u30de\u30f3\u30c9\u304c\u642d\u8f09\u3055\u308c\u3066\u3044\u307e\u3059\u3002 [&#8230;]<\/p>\n","protected":false},"author":2,"featured_media":5197,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"content-type":"","footnotes":""},"categories":[31,38],"tags":[],"class_list":["post-5191","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-higuchi","category-softlayer"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30eb\u30fc\u30bfVyatta\u3068VyOS\u3092\u7528\u3044\u3066SoftLayer\u3068\u30aa\u30d5\u30a3\u30b9\u3092IPsec VPN\u63a5\u7d9a\u3059\u308b #softlayer - Tech Blog\uff5c\u30af\u30ea\u30a8\u30fc\u30b7\u30e7\u30f3\u30e9\u30a4\u30f3<\/title>\n<meta name=\"description\" content=\"d-higuchi, softlayer |VyOS \u3068\u306f VyOS \u3068\u306f\u3001\u30aa\u30fc\u30d7\u30f3\u30bd\u30fc\u30b9\u3067\u958b\u767a\u3055\u308c\u3066\u3044\u308b\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30eb\u30fc\u30bf\u3067\u3059\u3002Debian GNU\/Linux\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/softlayer\/5191\" \/>\n<meta property=\"og:locale\" content=\"ja_JP\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30eb\u30fc\u30bfVyatta\u3068VyOS\u3092\u7528\u3044\u3066SoftLayer\u3068\u30aa\u30d5\u30a3\u30b9\u3092IPsec VPN\u63a5\u7d9a\u3059\u308b #softlayer - Tech Blog\uff5c\u30af\u30ea\u30a8\u30fc\u30b7\u30e7\u30f3\u30e9\u30a4\u30f3\" \/>\n<meta property=\"og:description\" content=\"d-higuchi, softlayer |VyOS \u3068\u306f VyOS \u3068\u306f\u3001\u30aa\u30fc\u30d7\u30f3\u30bd\u30fc\u30b9\u3067\u958b\u767a\u3055\u308c\u3066\u3044\u308b\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30eb\u30fc\u30bf\u3067\u3059\u3002Debian GNU\/Linux\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/softlayer\/5191\" \/>\n<meta property=\"og:site_name\" content=\"Tech Blog\uff5c\u30af\u30ea\u30a8\u30fc\u30b7\u30e7\u30f3\u30e9\u30a4\u30f3\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/creationline\" \/>\n<meta property=\"article:published_time\" content=\"2014-07-14T02:30:49+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-08-29T03:56:20+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.creationline.com\/tech-blog\/cms_x3GWkuX\/wp-content\/uploads\/2014\/07\/softlayer-vyos-1.png\" \/>\n\t<meta property=\"og:image:width\" content=\"803\" \/>\n\t<meta property=\"og:image:height\" content=\"306\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Daisuke Higuchi\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@creationline\" \/>\n<meta name=\"twitter:site\" content=\"@creationline\" \/>\n<meta name=\"twitter:label1\" content=\"\u57f7\u7b46\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"Daisuke Higuchi\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u63a8\u5b9a\u8aad\u307f\u53d6\u308a\u6642\u9593\" \/>\n\t<meta name=\"twitter:data2\" content=\"11\u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/softlayer\\\/5191#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/softlayer\\\/5191\"},\"author\":{\"name\":\"Daisuke Higuchi\",\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/#\\\/schema\\\/person\\\/16f1373831fb6fd17387f16ae1195206\"},\"headline\":\"\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30eb\u30fc\u30bfVyatta\u3068VyOS\u3092\u7528\u3044\u3066SoftLayer\u3068\u30aa\u30d5\u30a3\u30b9\u3092IPsec VPN\u63a5\u7d9a\u3059\u308b #softlayer\",\"datePublished\":\"2014-07-14T02:30:49+00:00\",\"dateModified\":\"2023-08-29T03:56:20+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/softlayer\\\/5191\"},\"wordCount\":560,\"image\":{\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/softlayer\\\/5191#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cms_x3GWkuX\\\/wp-content\\\/uploads\\\/2014\\\/07\\\/softlayer-vyos-1.png\",\"articleSection\":[\"d-higuchi\",\"softlayer\"],\"inLanguage\":\"ja\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/softlayer\\\/5191\",\"url\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/softlayer\\\/5191\",\"name\":\"\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30eb\u30fc\u30bfVyatta\u3068VyOS\u3092\u7528\u3044\u3066SoftLayer\u3068\u30aa\u30d5\u30a3\u30b9\u3092IPsec VPN\u63a5\u7d9a\u3059\u308b #softlayer - Tech Blog\uff5c\u30af\u30ea\u30a8\u30fc\u30b7\u30e7\u30f3\u30e9\u30a4\u30f3\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/softlayer\\\/5191#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/softlayer\\\/5191#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cms_x3GWkuX\\\/wp-content\\\/uploads\\\/2014\\\/07\\\/softlayer-vyos-1.png\",\"datePublished\":\"2014-07-14T02:30:49+00:00\",\"dateModified\":\"2023-08-29T03:56:20+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/#\\\/schema\\\/person\\\/16f1373831fb6fd17387f16ae1195206\"},\"description\":\"d-higuchi, softlayer |VyOS \u3068\u306f VyOS \u3068\u306f\u3001\u30aa\u30fc\u30d7\u30f3\u30bd\u30fc\u30b9\u3067\u958b\u767a\u3055\u308c\u3066\u3044\u308b\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30eb\u30fc\u30bf\u3067\u3059\u3002Debian GNU\\\/Linux\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/softlayer\\\/5191#breadcrumb\"},\"inLanguage\":\"ja\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/softlayer\\\/5191\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"ja\",\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/softlayer\\\/5191#primaryimage\",\"url\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cms_x3GWkuX\\\/wp-content\\\/uploads\\\/2014\\\/07\\\/softlayer-vyos-1.png\",\"contentUrl\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cms_x3GWkuX\\\/wp-content\\\/uploads\\\/2014\\\/07\\\/softlayer-vyos-1.png\",\"width\":803,\"height\":306},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/softlayer\\\/5191#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"HOME\",\"item\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u30af\u30e9\u30a6\u30c9\u30cd\u30a4\u30c6\u30a3\u30d6\",\"item\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"softlayer\",\"item\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/softlayer\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30eb\u30fc\u30bfVyatta\u3068VyOS\u3092\u7528\u3044\u3066SoftLayer\u3068\u30aa\u30d5\u30a3\u30b9\u3092IPsec VPN\u63a5\u7d9a\u3059\u308b #softlayer\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/#website\",\"url\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/\",\"name\":\"Tech Blog\uff5c\u30af\u30ea\u30a8\u30fc\u30b7\u30e7\u30f3\u30e9\u30a4\u30f3\",\"description\":\"\u30a2\u30b8\u30e3\u30a4\u30eb\uff06DevOps\u3001\u30af\u30e9\u30a6\u30c9\u30cd\u30a4\u30c6\u30a3\u30d6\u3001AI\uff06LLM\u306e\u5148\u7aef\u6280\u8853\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"ja\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/#\\\/schema\\\/person\\\/16f1373831fb6fd17387f16ae1195206\",\"name\":\"Daisuke Higuchi\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"ja\",\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cms_x3GWkuX\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/d-higuchi-wp-icon-230x230.png\",\"url\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cms_x3GWkuX\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/d-higuchi-wp-icon-230x230.png\",\"contentUrl\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cms_x3GWkuX\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/d-higuchi-wp-icon-230x230.png\",\"caption\":\"Daisuke Higuchi\"},\"description\":\"Chef\u30fbDocker\u30fbMirantis\u88fd\u54c1\u306a\u3069\u306e\u6280\u8853\u8981\u7d20\u306b\u52a0\u3048\u3066\u3001\u4f1a\u8b70\u306e\u9032\u3081\u65b9\u30fb\u6587\u7ae0\u306e\u66f8\u304d\u65b9\u306a\u3069\u306e\u696d\u52d9\u6539\u5584\u306b\u3082\u53d6\u308a\u7d44\u3093\u3067\u3044\u307e\u3059\u3002\u300cChef\u6d3b\u7528\u30ac\u30a4\u30c9\u300d\u5171\u8457\u306e\u307b\u304b\u3001Debian Official Developer\u3082\u3084\u3063\u3066\u3044\u307e\u3059\u3002\",\"url\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/author\\\/higuchi\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30eb\u30fc\u30bfVyatta\u3068VyOS\u3092\u7528\u3044\u3066SoftLayer\u3068\u30aa\u30d5\u30a3\u30b9\u3092IPsec VPN\u63a5\u7d9a\u3059\u308b #softlayer - Tech Blog\uff5c\u30af\u30ea\u30a8\u30fc\u30b7\u30e7\u30f3\u30e9\u30a4\u30f3","description":"d-higuchi, softlayer |VyOS \u3068\u306f VyOS \u3068\u306f\u3001\u30aa\u30fc\u30d7\u30f3\u30bd\u30fc\u30b9\u3067\u958b\u767a\u3055\u308c\u3066\u3044\u308b\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30eb\u30fc\u30bf\u3067\u3059\u3002Debian GNU\/Linux","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/softlayer\/5191","og_locale":"ja_JP","og_type":"article","og_title":"\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30eb\u30fc\u30bfVyatta\u3068VyOS\u3092\u7528\u3044\u3066SoftLayer\u3068\u30aa\u30d5\u30a3\u30b9\u3092IPsec VPN\u63a5\u7d9a\u3059\u308b #softlayer - Tech Blog\uff5c\u30af\u30ea\u30a8\u30fc\u30b7\u30e7\u30f3\u30e9\u30a4\u30f3","og_description":"d-higuchi, softlayer |VyOS \u3068\u306f VyOS \u3068\u306f\u3001\u30aa\u30fc\u30d7\u30f3\u30bd\u30fc\u30b9\u3067\u958b\u767a\u3055\u308c\u3066\u3044\u308b\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30eb\u30fc\u30bf\u3067\u3059\u3002Debian GNU\/Linux","og_url":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/softlayer\/5191","og_site_name":"Tech Blog\uff5c\u30af\u30ea\u30a8\u30fc\u30b7\u30e7\u30f3\u30e9\u30a4\u30f3","article_publisher":"https:\/\/www.facebook.com\/creationline","article_published_time":"2014-07-14T02:30:49+00:00","article_modified_time":"2023-08-29T03:56:20+00:00","og_image":[{"width":803,"height":306,"url":"https:\/\/www.creationline.com\/tech-blog\/cms_x3GWkuX\/wp-content\/uploads\/2014\/07\/softlayer-vyos-1.png","type":"image\/png"}],"author":"Daisuke Higuchi","twitter_card":"summary_large_image","twitter_creator":"@creationline","twitter_site":"@creationline","twitter_misc":{"\u57f7\u7b46\u8005":"Daisuke Higuchi","\u63a8\u5b9a\u8aad\u307f\u53d6\u308a\u6642\u9593":"11\u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/softlayer\/5191#article","isPartOf":{"@id":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/softlayer\/5191"},"author":{"name":"Daisuke Higuchi","@id":"https:\/\/www.creationline.com\/tech-blog\/#\/schema\/person\/16f1373831fb6fd17387f16ae1195206"},"headline":"\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30eb\u30fc\u30bfVyatta\u3068VyOS\u3092\u7528\u3044\u3066SoftLayer\u3068\u30aa\u30d5\u30a3\u30b9\u3092IPsec VPN\u63a5\u7d9a\u3059\u308b #softlayer","datePublished":"2014-07-14T02:30:49+00:00","dateModified":"2023-08-29T03:56:20+00:00","mainEntityOfPage":{"@id":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/softlayer\/5191"},"wordCount":560,"image":{"@id":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/softlayer\/5191#primaryimage"},"thumbnailUrl":"https:\/\/www.creationline.com\/tech-blog\/cms_x3GWkuX\/wp-content\/uploads\/2014\/07\/softlayer-vyos-1.png","articleSection":["d-higuchi","softlayer"],"inLanguage":"ja"},{"@type":"WebPage","@id":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/softlayer\/5191","url":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/softlayer\/5191","name":"\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30eb\u30fc\u30bfVyatta\u3068VyOS\u3092\u7528\u3044\u3066SoftLayer\u3068\u30aa\u30d5\u30a3\u30b9\u3092IPsec VPN\u63a5\u7d9a\u3059\u308b #softlayer - Tech Blog\uff5c\u30af\u30ea\u30a8\u30fc\u30b7\u30e7\u30f3\u30e9\u30a4\u30f3","isPartOf":{"@id":"https:\/\/www.creationline.com\/tech-blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/softlayer\/5191#primaryimage"},"image":{"@id":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/softlayer\/5191#primaryimage"},"thumbnailUrl":"https:\/\/www.creationline.com\/tech-blog\/cms_x3GWkuX\/wp-content\/uploads\/2014\/07\/softlayer-vyos-1.png","datePublished":"2014-07-14T02:30:49+00:00","dateModified":"2023-08-29T03:56:20+00:00","author":{"@id":"https:\/\/www.creationline.com\/tech-blog\/#\/schema\/person\/16f1373831fb6fd17387f16ae1195206"},"description":"d-higuchi, softlayer |VyOS \u3068\u306f VyOS \u3068\u306f\u3001\u30aa\u30fc\u30d7\u30f3\u30bd\u30fc\u30b9\u3067\u958b\u767a\u3055\u308c\u3066\u3044\u308b\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30eb\u30fc\u30bf\u3067\u3059\u3002Debian GNU\/Linux","breadcrumb":{"@id":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/softlayer\/5191#breadcrumb"},"inLanguage":"ja","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.creationline.com\/tech-blog\/cloudnative\/softlayer\/5191"]}]},{"@type":"ImageObject","inLanguage":"ja","@id":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/softlayer\/5191#primaryimage","url":"https:\/\/www.creationline.com\/tech-blog\/cms_x3GWkuX\/wp-content\/uploads\/2014\/07\/softlayer-vyos-1.png","contentUrl":"https:\/\/www.creationline.com\/tech-blog\/cms_x3GWkuX\/wp-content\/uploads\/2014\/07\/softlayer-vyos-1.png","width":803,"height":306},{"@type":"BreadcrumbList","@id":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/softlayer\/5191#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"HOME","item":"https:\/\/www.creationline.com\/tech-blog"},{"@type":"ListItem","position":2,"name":"\u30af\u30e9\u30a6\u30c9\u30cd\u30a4\u30c6\u30a3\u30d6","item":"https:\/\/www.creationline.com\/tech-blog\/cloudnative"},{"@type":"ListItem","position":3,"name":"softlayer","item":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/softlayer"},{"@type":"ListItem","position":4,"name":"\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30eb\u30fc\u30bfVyatta\u3068VyOS\u3092\u7528\u3044\u3066SoftLayer\u3068\u30aa\u30d5\u30a3\u30b9\u3092IPsec VPN\u63a5\u7d9a\u3059\u308b #softlayer"}]},{"@type":"WebSite","@id":"https:\/\/www.creationline.com\/tech-blog\/#website","url":"https:\/\/www.creationline.com\/tech-blog\/","name":"Tech Blog\uff5c\u30af\u30ea\u30a8\u30fc\u30b7\u30e7\u30f3\u30e9\u30a4\u30f3","description":"\u30a2\u30b8\u30e3\u30a4\u30eb\uff06DevOps\u3001\u30af\u30e9\u30a6\u30c9\u30cd\u30a4\u30c6\u30a3\u30d6\u3001AI\uff06LLM\u306e\u5148\u7aef\u6280\u8853","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.creationline.com\/tech-blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"ja"},{"@type":"Person","@id":"https:\/\/www.creationline.com\/tech-blog\/#\/schema\/person\/16f1373831fb6fd17387f16ae1195206","name":"Daisuke Higuchi","image":{"@type":"ImageObject","inLanguage":"ja","@id":"https:\/\/www.creationline.com\/tech-blog\/cms_x3GWkuX\/wp-content\/uploads\/2023\/08\/d-higuchi-wp-icon-230x230.png","url":"https:\/\/www.creationline.com\/tech-blog\/cms_x3GWkuX\/wp-content\/uploads\/2023\/08\/d-higuchi-wp-icon-230x230.png","contentUrl":"https:\/\/www.creationline.com\/tech-blog\/cms_x3GWkuX\/wp-content\/uploads\/2023\/08\/d-higuchi-wp-icon-230x230.png","caption":"Daisuke Higuchi"},"description":"Chef\u30fbDocker\u30fbMirantis\u88fd\u54c1\u306a\u3069\u306e\u6280\u8853\u8981\u7d20\u306b\u52a0\u3048\u3066\u3001\u4f1a\u8b70\u306e\u9032\u3081\u65b9\u30fb\u6587\u7ae0\u306e\u66f8\u304d\u65b9\u306a\u3069\u306e\u696d\u52d9\u6539\u5584\u306b\u3082\u53d6\u308a\u7d44\u3093\u3067\u3044\u307e\u3059\u3002\u300cChef\u6d3b\u7528\u30ac\u30a4\u30c9\u300d\u5171\u8457\u306e\u307b\u304b\u3001Debian Official Developer\u3082\u3084\u3063\u3066\u3044\u307e\u3059\u3002","url":"https:\/\/www.creationline.com\/tech-blog\/author\/higuchi"}]}},"_links":{"self":[{"href":"https:\/\/www.creationline.com\/tech-blog\/wp-json\/wp\/v2\/posts\/5191","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.creationline.com\/tech-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.creationline.com\/tech-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.creationline.com\/tech-blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.creationline.com\/tech-blog\/wp-json\/wp\/v2\/comments?post=5191"}],"version-history":[{"count":1,"href":"https:\/\/www.creationline.com\/tech-blog\/wp-json\/wp\/v2\/posts\/5191\/revisions"}],"predecessor-version":[{"id":65751,"href":"https:\/\/www.creationline.com\/tech-blog\/wp-json\/wp\/v2\/posts\/5191\/revisions\/65751"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.creationline.com\/tech-blog\/wp-json\/wp\/v2\/media\/5197"}],"wp:attachment":[{"href":"https:\/\/www.creationline.com\/tech-blog\/wp-json\/wp\/v2\/media?parent=5191"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.creationline.com\/tech-blog\/wp-json\/wp\/v2\/categories?post=5191"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.creationline.com\/tech-blog\/wp-json\/wp\/v2\/tags?post=5191"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}