lunes, 2 de abril de 2012

VPN Site to Site






VPN site to site
1.Definir ISAKMP policy
2.Definie Tansform-SET
3.Define ACL , para definir que vamos a encriptar
4.Crear crypto map , aplicar a una interface


R1
crypto isakmp policy 10
encr aes 256
authentication pre-share
group 2
!
crypto isakmp key CISCO address 2.2.2.1
!
crypto ipsec transform-set TSET esp-aes esp-sha-hmac
!
crypto map CRYPTO 10 ipsec-isakmp
set peer 2.2.2.1
set transform-set TSET
match address 101
!
interface Serial0/0
ip address 1.1.1.1 255.255.255.252
serial restart-delay 0
crypto map CRYPTO
!
 
R3
crypto isakmp policy 10
encr aes 256
authentication pre-share
group 2
crypto isakmp key CISCO address 1.1.1.1
!
crypto ipsec transform-set TSET esp-aes esp-sha-hmac
!
crypto map CRYPTO 10 ipsec-isakmp
set peer 1.1.1.1
set transform-set TSET
match address 101
!
interface Serial0/0
ip address 2.2.2.1 255.255.255.252
crypto map CRYPTO



Publicado por en

No hay comentarios:

Publicar un comentario

Suscribirse a: Enviar comentarios (Atom)