本地IP:8.8.8.8
acl advanced 3600
rule 0 permit ip source 10.2.2.0 0.0.0.3 destination 192.168.20.0 0.0.0.255
rule 5 permit ip source 10.2.2.0 0.0.0.3 destination 192.168.10.0 0.0.0.255
rule 10 permit ip source 172.2.2.0 0.0.0.255 destination 192.168.20.0 0.0.0.255
rule 15 permit ip source 172.2.2.0 0.0.0.255 destination 192.168.10.0 0.0.0.255
ipsec transform-set abc(ipsec安全提议)
esp encryption-algorithm des-cbc
esp authentication-algorithm md5
ike proposal 3 (ike提议)
authentication-algorithm md5
encryption-algorithm des-cbc
authentication-method pre-share
dh group2
ikev2 proposal 3(ike2提议)
encryption des-cbc
integrity md5
dh group2
ike keychain abc(ike密钥)
pre-shared-key address 0.0.0.0 0.0.0.0 key simple a12345678
ikev2 keychain abc(ike2密钥)
peer 3
identity fqdn xdmy
pre-s