基于思科设备得VPN实现(八)

l）#
 Comany（config-ext-nacl）#exit
 Comany（config）#crypto ipsec transform-set a esp-des esp-sha-hmac 
 Comany(cfg-crypto-trans)#mode transport
 Comany(cfg-crypto-trans)#
 Comany(cfg-crypto-trans)#exit
 Comany（config）#crypto map mymap 10 ipsec-isakmp
 Comany（config-crypto-map）#match address ToComany1
 Comany（config-crypto-map）#set transform-set a 
 Comany（config-crypto-map）#set peer 172.16.1.1 
 Comany（config-crypto-map）#
 Comany（config-crypto-map）#exit
 Comany（config）#interface s0/1 
 Comany（config-if）#crypto map mymap
 Comany（config-if）#
 Comany（config-if）#exit
 Comany（config）#
 Comany（config）#ip access-list extended perimeter
 Comany（config-ext-nacl）#no permit gre host 172.16.1.1 host 172.16.0.1
 Comany（config-ext-nacl）#
 Comany（config-ext-nacl）#en
 Comany#
 配置总公司到分公司2的GRE加密
 Comany（config）#crypto isakmp enable 
 Comany（config）#crypto isakmp identity address
 Comany（config）#crypto isakmp policy 1
 Comany（config-isakmp）#encryption des        
 Comany（config-isakmp）#authentication pre-share 
 Comany（config-isakmp）#group 1   
 Comany（config-isakmp）#hash sha   
 Comany（config-isakmp）#exit
 Comany（config）#
 Comany（config）#crypto isakmp key cisco123456 address 172.16.2.1 no-xauth
 Comany（config）#ip access-list extended ToComany2
 Comany（config-ext-nacl）#permit gre host 172.16.0.1 host 172.16.2.1
 Comany（config-ext-nacl）#
 Comany（config-ext-nacl）#exit
 Comany（config）#crypto ipsec transform-set b esp-des esp-sha-hmac 
 Comany(cfg-crypto-trans)#mode transport
 Comany(cfg-crypto-trans)#
 Comany(cfg-crypto-trans)#exit
 Comany（config）#crypto map mymap1 1 ipsec-isakmp
 Comany（config-crypto-map）#match address ToComany2
 Comany（config-crypto-map）#set transform-set b 
 Comany（config-crypto-map）#set peer 172.16.2.1 
 Comany（config-crypto-map）#
 Comany（config-crypto-map）#exit
 Comany（config）#interface s0/1 
 Comany（config-if）#crypto map mymap1
 Comany（config-if）#
 Comany（config-if）#exit
 Comany（config）#
 Comany（config）#ip access-list extended perimeter
 Comany（config-ext-nacl）#no permit gre host 172.16.2.1 host 172.16.0.1
 Comany（config-ext-nacl）#
 Comany（config-ext-nacl）#en
 Comany#
 5.3.2 分公司1路由器配置
 Comany1（config）#crypto isakmp enable 
 Comany1（config）#crypto isakmp identity address
 Comany1（config）#crypto isakmp policy 10
 Comany1（config-isakmp）#encryption des        
 Comany1（config-isakmp）#authentication pre-share 
 Comany1（config-isakmp）#group 2    
 Comany1（config-isakmp）#hash sha   
 Comany1（config-isakmp）#exit
 Comany1（config）#
 Comany1（config）#crypto

首页 上一页 5 6 7 8 9 10 下一页 尾页 8/10/10

基于思科设备得VPN实现(八)相关范文