Cisco ipsec preshared

Материал из Xgu.ru

Перейти к: навигация, поиск

Snrs ipsec preshared 1.png

version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname dyn2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip subnet-zero
!
!
ip host dyn4 192.168.4.4
!
!
ip cef
ip audit po max-events 100
          
dyn2#sh run
Building configuration...

Current configuration : 1290 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname dyn2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip subnet-zero
!
!
ip host dyn4 192.168.4.4
!
!
ip cef
ip audit po max-events 100
no ftp-server write-enable
!         
crypto isakmp policy 10
 hash md5 
 authentication pre-share
crypto isakmp key cisco address 192.168.3.4 no-xauth
!         
crypto ipsec security-association lifetime seconds 36000
!         
crypto ipsec transform-set MINE esp-des esp-md5-hmac 
!         
crypto map SNRS 103 ipsec-isakmp 
 set peer 192.168.3.4
 set transform-set MINE 
 match address 103
!         
!         
interface FastEthernet0/0
 ip address 192.168.1.2 255.255.255.0
 duplex half
!         
interface FastEthernet1/0
 ip address 192.168.2.2 255.255.255.0
 duplex half
 crypto map SNRS
!         
router ospf 1
 router-id 192.168.2.2
 log-adjacency-changes
 network 192.168.0.0 0.0.255.255 area 0
!         
ip default-gateway 192.168.2.3
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.2.3
no ip http server
no ip http secure-server
!         
access-list 103 permit ip 192.168.1.0 0.0.0.255 192.168.4.0 0.0.0.255
!         
control-plane
!         
!         
gatekeeper
 shutdown 
!         
!         
line con 0
 stopbits 1
line aux 0
 stopbits 1
line vty 0 4
 login    
!         
end