首页 > 英语园地

[整理]ipcvpn远端动态接入主模式与积极模式.

更新时间:2023-06-20 08:13:30 阅读: 评论:0

分部分配动态ip 总部用固定ip 分部作为发起方
R1 (主模式)
Crypto isakmp polocy 10 (五元组)
Encr 3des
Authentication pre-share
Group 2cf的全称
Lifetime 86400
理事长英文Hash sha
Crypto isakem identity address (用id 标识)
Crypto isakmp key 0 sunan address 0.0.0.0 (对端接入不知道对端ip 用0.0.0.0)Crypto ipc transform-t t10 esp-3des esp-sha-hmac (设置变换集)Mode tr
Exit
Access-list 111 permit ip 192.168.2.0 0.0.0.255 any (同样不知道对端感兴趣流量用any)
Crypto dynamic-map p1 10 (设置加密图动态)
Set transform-t t10
Match address 111
Crypto map p2 90 ipc-isakmp dynamic p1 (因为接口上要绑静态加密图所以把动态图绑到静态上)
Int f 0/0 (绑静态图)
Crypto map p2
online是什么意思
R2
crypto isakmp enable
crypto isakmp policy 10
encryption 3des
hash sha
authentication pre-share
group 2
lifetime 86400
exit
crypto isakemp identity address
cdc是什么缩写crypto isakmp key 0 sunan address 202.103.96.112 (总部ip是知道的并且这是分部做为发起方的条件)
crypto ipc transform-t t10 esp-3des esp-sha-hmac mode tr
exit
access-list 111 permit ip 192.168.3.0 0.0.0.255 192.168.2.0 0.0.0.255 (感兴趣流量分部也知道的)
cryto map p1 10 ipc-isakmp
mouthfult peer 202.103.96.112
t transorm-t t10
match address 111
exit
int f0/0
crypto map p1
R1 show run
Current configuration : 1329 bytes
!
version 12.4
rvice timestamps debug datetime mc
rvice timestamps log datetime mc
no rvice password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
no ip domain lookup
!
multilink bundle-name authenticated
!
!
!
project fiona!
!!
archive
log config
hidekeys
!
!
crypto isakmp policy 10
encr 3des
authentication pre-share
group 2
crypto isakmp key sunan address 0.0.0.0 0.0.0.0
!
!
crypto ipc transform-t t10 esp-3des esp-sha-hmac mode transport
!
crypto dynamic-map p1 10
t transform-t t10
match address 111
crypto dynamic-map p1 20
t transform-t t10
!
!
crypto map p2 90 ipc-isakmp dynamic p1
!
!
!
!
!
守护天使英文
!
!
interface FastEthernet0/0
ip address 202.103.96.112 255.255.255.0
duplex auto
speed auto
crypto map p2
!
interface FastEthernet0/1
ip address 192.168.2.1 255.255.255.0
duplex auto
speed auto
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 202.103.96.113 (没路由一切都是浮云)!
!
no ip http rver
no ip http cure-rver
a third dimension!
access-list 111 permit ip 192.168.2.0 0.0.0.255 any
no cdp run
!
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
exec-timeout 0 0
fhqlogging synchronousaninterview
line vty 0 4
login
!
!
end
R1#un all
All possible debugging has been turned off
R2 show run
R2#sh run
Current configuration : 1238 bytes
!
version 12.4
rvice timestamps debug datetime mc
rvice timestamps log datetime mc
no rvice password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
no ip domain lookup
!
multilink bundle-name authenticated
!
!
archive
log config
hidekeys
!
!
crypto isakmp policy 10
encr 3des
authentication pre-share
group 2
crypto isakmp key sunan address 202.103.96.112
!
!
crypto ipc transform-t t10 esp-3des esp-sha-hmac mode transport
!
crypto map p1 10 ipc-isakmp
t peer 202.103.96.112
t transform-t t10
match address 111
!!
interface FastEthernet0/0
ip address 202.103.96.113 255.255.255.0
duplex auto

本文发布于:2023-06-20 08:13:30,感谢您对本站的认可!

本文链接:https://www.wtabcd.cn/fanwen/fan/78/997035.html

版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系,我们将在24小时内删除。

上一篇:cisco设备构建典型局域网
下一篇:光缆行业常用英文词汇
标签:知道   对端   加密   分部   动态   静态   流量   感兴趣
相关文章
留言与评论(共有 0 条评论)
   
验证码:
推荐文章
排行榜
热门标签
Copyright ©2019-2022 Comsenz Inc.Powered by © 专利检索| 网站地图