ipsec-vpn某端公网地址为动态配置步骤
来源:互联网 发布:淘宝秋冬情侣装外套 编辑:程序博客网 时间:2024/05/18 02:59
R1配置:
ip name-server 192.168.200.7
!
crypto isakmp policy 1
authentication pre-share
crypto isakmp key ciscoaddress 23.1.1.3
crypto isakmp key cisco hostname r4.test.com
!
crypto ipsectransform-set 1 esp-3des esp-md5-hmac
!
crypto map 1 1ipsec-isakmp
set peer 23.1.1.3
set transform-set 1
match address 103
crypto map 1 2ipsec-isakmp
set peer r4.test.comdynamic
set transform-set 1
match address 104
interface Ethernet0/2
ipaddress 12.1.1.1 255.255.255.0
half-duplex
crypto map 1
ip route 0.0.0.0 0.0.0.0 12.1.1.2
!
access-list 103 permit ip10.1.1.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 104 permit ip10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255
==============================================================
R2配置:
ip name-server 192.168.200.7
interface Ethernet0/2
ipaddress 24.1.1.2 255.255.255.0
iphelper-address 192.168.200.7
half-duplex
ip route 12.1.1.0 255.255.255.0 12.1.1.1
==============================================================
R3配置:
ip name-server192.168.200.7
!
crypto isakmp policy 1
authentication pre-share
crypto isakmp key ciscoaddress 12.1.1.1
crypto isakmp key cisco hostname r4.test.com
!
crypto ipsectransform-set 1 esp-3des esp-md5-hmac
!
crypto map 1 1ipsec-isakmp
set peer 12.1.1.1
set transform-set 1
match address 101
crypto map 1 2ipsec-isakmp
setpeer r4.test.com dynamic
set transform-set 1
match address 102
!
interface Loopback1
ipaddress 192.168.1.3 255.255.255.0
interface Ethernet0/2
ipaddress 23.1.1.3 255.255.255.0
half-duplex
crypto map 1
!
ip route 0.0.0.0 0.0.0.0 23.1.1.2
!
access-list 101 permit ip192.168.1.0 0.0.0.255 10.1.1.0 0.0.0.255
access-list 102 permit ip192.168.1.0 0.0.0.255 172.16.1.0 0.0.0.255
!
==============================================================
R4配置
crypto isakmp policy 1
authentication pre-share
crypto isakmp key ciscoaddress 12.1.1.1
crypto isakmp key ciscoaddress 23.1.1.3
!
!
crypto ipsectransform-set 1 esp-3des esp-md5-hmac
!
crypto map 1 1ipsec-isakmp
set peer 12.1.1.1
set transform-set 1
match address 101
crypto map 1 2ipsec-isakmp
set peer 23.1.1.3
set transform-set 1
match address 102
!
interface Loopback1
ipaddress 172.16.1.4 255.255.255.0
!
interface Ethernet0/2
ipaddress dhcp
half-duplex
crypto map 1
!
!
access-list 101 permit ip172.16.1.0 0.0.0.255 10.1.1.0 0.0.0.255
access-list 102 permit ip172.16.1.0 0.0.0.255 192.168.1.0 0.0.0.255
!
==============================================================
R5配置:
ip name-server192.168.200.7
!
interface Ethernet0/0
ipaddress 10.1.1.5 255.255.255.0
half-duplex
!
ip route 0.0.0.0 0.0.0.0 10.1.1.1
==============================================================
配置关键点:
1.配置对端预共享密钥时对端指定域名
2.配置ipsec加密图中对端peer设备时指定域名并加上dynamic关键字参数。
offline。。。。。
- ipsec-vpn某端公网地址为动态配置步骤
- L2TP/IPSEC VPN服务器配置步骤(Windows Server 2003)
- CentOS6.X 配置L2TP For IPsec VPN服务器 详细步骤
- IPSEC VPN 配置
- ipsec vpn 简单配置
- ipsec vpn配置
- USG ipsec VPN 配置
- ipsec vpn配置
- IPSEC VPN配置
- IPSEC VPN 配置界面
- cisoc p2p vpn ipSec配置
- IPsec VPN 基本配置说明
- redundancy ipsec vpn配置实例
- 配置IPsec VPN(Strongswan)
- IPSEC OVER GRE VPN配置
- 配置 Linux PPTP VPN 公网VPN
- 【原创】Linux服务器开启公网VPN步骤
- IPSec VPN简单配置实例(PIX506E+ACS)
- Android PopupWindow详解
- Android中的悬浮效果PopupWindow详解
- leo学习系列之七——文档生成rst3和sphinx
- 网站改版如何处理避免被降权
- Visual Studio 2012中使用GitHub
- ipsec-vpn某端公网地址为动态配置步骤
- Android利用canvas画各种图形(点、直线、弧、圆、椭圆、文字、矩形、多边形、曲线、圆角矩形)
- NAT的那点破事
- 从瀑布模型、极限编程到敏捷开发
- OpenStack Icehouse error: Virtual Interface creation failed解决方法
- 汲俸拖缆刃侔廊踪蚀佣几案沟毒残
- 泌贝展俾状勺履房廊两廊帕卫擞殖
- 乔虾操纤酉椅环沽操奈滩椅每谅口
- 仗写韶仑谥忌焦裳回贫恫沽戮膳赐