Scribd Logo
Încărcați

Bine ați venit la Scribd!

  • Site To Site VPN

    Încărcat de

    Rade Pralica
    11 vizualizări2 pagini
    Ipscc and gre tunnel

    Titlu original

    IPSEC

    Drepturi de autor

    © © All Rights Reserved

    Formate disponibile

    RTF, PDF, TXT sau citiți online pe Scribd

    Vi se pare util acest document?

    Este necorespunzător acest conținut?

    Raportați acest document
    Ipscc and gre tunnel

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca RTF, PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    11 vizualizări2 pagini

    Site To Site VPN

    Încărcat de

    Rade Pralica
    Ipscc and gre tunnel

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca RTF, PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    din 2

    Tunnel

    Router3(config)#tunnel mode ipsec ipv4


    Router3(config)#ip route 11.11.11.0 255.255.255.0 192.168.12.1
    Router3(config)#crypto isakmp policy 10
    Router3(config)#encr aes 256
    Router3(config)#authentication pre-share
    Router3(config)#group 5
    Router3(config)#crypto isakmp key WAULT address 192.168.12.1 (address
    destination tunnel)
    Router3(config)#crypto ipsec transform-set TRANSFORM esp-aes esp-sha-hmac
    Router3(config)#crypto ipsec profile PROTECT
    Router3(ipsec-profile)#set transform-set TRANSFORM
    Router3(config)#interface tunnel13
    Router3(config-if)#ip address 192.168.13.3 255.255.255.0
    Router3(config-if)#tunnel source FastEthernet0/0
    Router3(config-if)#tunnel destination 192.168.12.1
    Router3(config-if)#tunnel mode ipces ipv4
    Router3(config-if)#tunnel protection ipsec profile PROTECT
    Site to site vpn
    R3(config)#crypto isakmp policy 10
    R3(config-isakmp)#authentication pre-share
    R3(config-isakmp)#encryption aes 2
    R3(config-isakmp)#encryption aes 256
    R3(config-isakmp)#hash sha
    R3(config-isakmp)#group 5
    R3(config-isakmp)#lifetime 3600
    R3(config)#crypto isakmp key 0 RADE address 192.168.12.1
    R3(config)#crypto ipsec transform-set TRANSFORM esp-aes 256 esp-sha-hmac
    R3(config)#crypto ipsec security-association lifetime seconds 1800
    R3(config)#crypto map MYMAP 10 Ipsec-isakmp
    % NOTE: This new crypto map will remain disabled until a peer
    and a valid access list have been configured.
    R3(config-crypto-map)#match address 100
    R3(config-crypto-map)#set peer 192.168.12.1
    R3(config-crypto-map)#set security-association lifetime seconds 1800

    R3(config-crypto-map)#set pfs group5


    R3(config-crypto-map)#set transform-set TRANSFORM
    R3(config-if)#crypto map MYMAP

    S-ar putea să vă placă și