Cisco ipsec preshared
Материал из Xgu.ru
version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname dyn2 ! boot-start-marker boot-end-marker ! ! no aaa new-model ip subnet-zero ! ! ip host dyn4 192.168.4.4 ! ! ip cef ip audit po max-events 100 dyn2#sh run Building configuration... Current configuration : 1290 bytes ! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname dyn2 ! boot-start-marker boot-end-marker ! ! no aaa new-model ip subnet-zero ! ! ip host dyn4 192.168.4.4 ! ! ip cef ip audit po max-events 100 no ftp-server write-enable ! crypto isakmp policy 10 hash md5 authentication pre-share crypto isakmp key cisco address 192.168.3.4 no-xauth ! crypto ipsec security-association lifetime seconds 36000 ! crypto ipsec transform-set MINE esp-des esp-md5-hmac ! crypto map SNRS 103 ipsec-isakmp set peer 192.168.3.4 set transform-set MINE match address 103 ! ! interface FastEthernet0/0 ip address 192.168.1.2 255.255.255.0 duplex half ! interface FastEthernet1/0 ip address 192.168.2.2 255.255.255.0 duplex half crypto map SNRS ! router ospf 1 router-id 192.168.2.2 log-adjacency-changes network 192.168.0.0 0.0.255.255 area 0 ! ip default-gateway 192.168.2.3 ip classless ip route 0.0.0.0 0.0.0.0 192.168.2.3 no ip http server no ip http secure-server ! access-list 103 permit ip 192.168.1.0 0.0.0.255 192.168.4.0 0.0.0.255 ! control-plane ! ! gatekeeper shutdown ! ! line con 0 stopbits 1 line aux 0 stopbits 1 line vty 0 4 login ! end