首页 > √文章精选 > ipsec vpn完整配置

ipsec vpn完整配置

2009年4月14日 vi 发表评论 阅读评论

r2#sh run
Building configuration…

Current configuration : 1312 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname r2
!


!
username amdin privilege 15 password 0 admin
username vi privilege 15 password 0 admin
ip subnet-zero
!
!
no ip domain-lookup
!
ip audit notify log
ip audit po max-events 100
!
crypto isakmp policy 1
 hash md5
 authentication pre-share
crypto isakmp key cisco address 10.0.0.253
!
!
crypto ipsec transform-set evecom esp-des esp-md5-hmac
!
crypto map vpn_to_r1 10 ipsec-isakmp
 set peer 10.0.0.253
 set transform-set evecom
 match address 100
!
!
!
!
!
!
!
!
fax interface-type fax-mail
mta receive maximum-recipients 0
!
!
!
!        
interface Loopback0
 ip address 192.168.3.1 255.255.255.0
!
interface Ethernet0/0
 no ip address
 half-duplex
!
interface Serial0/0
 ip address 10.0.0.252 255.255.255.0
 no fair-queue
 crypto map vpn_to_r1
!
interface Ethernet0/1
 no ip address
 half-duplex
!
ip classless
ip route 192.168.4.0 255.255.255.0 10.0.0.253
ip http server
ip http authentication local
ip pim bidir-enable
!
!        
access-list 100 permit ip 192.168.3.0 0.0.0.255 192.168.4.0 0.0.0.255
!
call rsvp-sync
!
!
mgcp profile default
!
dial-peer cor custom
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 password admin
 login local
 transport input pad v120 telnet rlogin udptn ssh
!
!
end
         
r2#                         q

[Connection to 10.0.0.252 closed by foreign host]
r1#sh run
Building configuration…

Current configuration : 1293 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname r1
!
!
username admin privilege 15 password 0 admin
ip subnet-zero
!
!
!
ip audit notify log
ip audit po max-events 100
!
crypto isakmp policy 1
 hash md5
 authentication pre-share
crypto isakmp key cisco address 10.0.0.252
!        
!
crypto ipsec transform-set evecom esp-des esp-md5-hmac
!
crypto map vpn_to_r2 local-address Serial0/0
crypto map vpn_to_r2 10 ipsec-isakmp
 set peer 10.0.0.252
 set transform-set evecom
 match address 100
!
!
!
voice call carrier capacity active
!
!
!
!
!
!
!
!
!
mta receive maximum-recipients 0
!        
!
!
!    
interface Loopback0
 ip address 192.168.4.1 255.255.255.0
 !    
interface Ethernet0/0
 no ip address
 half-duplex
!
interface Serial0/0
 ip address 10.0.0.253 255.255.255.0
 no fair-queue
 clockrate 64000
 crypto map vpn_to_r2
!
interface Ethernet0/1
 no ip address
 half-duplex
!
ip classless
ip route 192.168.3.0 255.255.255.0 10.0.0.252
ip http server
!
!
access-list 100 permit ip 192.168.4.0 0.0.0.255 192.168.3.0 0.0.0.255
!
call rsvp-sync
!
voice-port 1/0/0
!
voice-port 1/0/1
!
!
mgcp profile default
!
dial-peer cor custom
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login local
 transport input pad v120 telnet rlogin udptn ssh
!        
!
end

r1#

分类: √文章精选 标签:
  1. 本文目前尚无任何评论.
  1. 本文目前尚无任何 trackbacks 和 pingbacks.