Методические материалы Лохтурова Вячеслава

User Tools

Site Tools

Trace: cisco_ipsec
cisco_ipsec

This is an old revision of the document!

Table of Contents

Cisco IPsec

LAN-to-LAN IPsec Tunnel

http://www.cisco.com/en/US/products/hw/routers/ps221/products_configuration_example09186a008073e078.shtml

router.corpX.un

crypto isakmp policy 10
 hash md5
 authentication pre-share
crypto isakmp key cisco123 address 172.16.1.Y
!
crypto ipsec transform-set myset esp-des esp-md5-hmac
!
crypto map mymap 10 ipsec-isakmp
 set peer 172.16.1.Y
 set transform-set myset
 match address 100
!
interface FastEthernet0/0
 ip address 192.168.X.1 255.255.255.0
 ip nat inside
!
interface FastEthernet1/0
 ip address 172.16.1.X 255.255.255.0
 ip nat outside
 crypto map mymap
!
ip route 0.0.0.0 0.0.0.0 172.16.1.254
!
ip nat inside source list ACL_NAT interface FastEthernet1/0 overload
!
ip access-list extended ACL_NAT
 deny   ip any 192.168.Y.0 0.0.0.255
 permit ip 192.168.X.0 0.0.0.255 any
!
access-list 100 permit ip 192.168.X.0 0.0.0.255 192.168.Y.0 0.0.0.255
cisco_ipsec.1374657464.txt.gz · Last modified: 2013/07/24 13:17 by val

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Run on Debian Driven by DokuWiki