扫一扫
分享文章到微信
扫一扫
关注官方公众号
至顶头条
IP sec的VPN考配置
左边的router:
crypto isakmp policy 1
hash md5
authentication pre-share
crypto isakmp key cisco123 address 202.96.15.88
!
crypto ipsec transform-set rtpset esp-des esp-md5-hmac
!
crypto map rtp 1 ipsec-isakmp
set peer 202.96.15.88
set transform-set rtpset
match address 102
!
interface Ethernet0/0
ip address 192.168.1.1 255.255.255.0
no ip directed-broadcast
ip nat inside
!
interface Ethernet0/1
ip address 61.153.158.44 255.255.255.0
no ip directed-broadcast
ip nat outside
no ip route-cache
no ip mroute-cache
crypto map rtp
ip nat inside source route-map nonat interface Ethernet0/1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 61.153.158.4x(网关)
no ip http server
access-list 101deny ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
access-list 102 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
route-map nonat permit 10
match ip address 102
右边的router:
crypto isakmp policy 1
hash md5
authentication pre-share
crypto isakmp key cisco123 address 61.153.158.44
!
crypto ipsec transform-set rtpset esp-des esp-md5-hmac
!
crypto map rtp 1 ipsec-isakmp
set peer 61.153.158.44
set transform-set rtpset
match address 102
!
interface Ethernet0/0
ip address 192.168.2.1 255.255.255.0
no ip directed-broadcast
ip nat inside
!
interface Ethernet0/1
ip address 202.96.15.88 255.255.255.0
no ip directed-broadcast
ip nat outside
no ip route-cache
no ip mroute-cache
crypto map rtp
ip nat inside source route-map nonat interface Ethernet0/1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 202.96.15.8x(网关)
no ip http server
access-list 101deny ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 101 permit ip 192.168.2.0 0.0.0.255 any
access-list 102 permit ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255
route-map nonat permit 10
match ip address 102
如果您非常迫切的想了解IT领域最新产品与技术信息,那么订阅至顶网技术邮件将是您的最佳途径之一。
现场直击|2021世界人工智能大会
直击5G创新地带,就在2021MWC上海
5G已至 转型当时——服务提供商如何把握转型的绝佳时机
寻找自己的Flag
华为开发者大会2020(Cloud)- 科技行者
京公网安备 11010802021500号