拓扑图如下:
图中R2和R4充当内网下的客户机,指定默认网关,首先完成R1、R2、R3和R4的基础配置。
在R1和R3之间通过Tunnel来建立×××,在R1、ISP和R3上启用OSPF路由协议。
发下是×××部分的配置:
R1:
conf t
int tunnel 0
ip add 1.1.1.1 255.255.255.252
tunnel source 100.1.1.1
tunnel destination 200.1.1.1
no shut
exit
crypto isakmp enable
crypto isakmp policy 1
encryption aes
hash sha
group 2
authentication pre-share
exit
crypto isakmp key 6 IPSEC-TUNNEL address 200.1.1.1
access-list 100 permit gre host 1.1.1.1 host 1.1.1.2
access-list 100 permit ip 10.1.1.0 0.0.0.3 192.168.1.0 0.0.0.255
crypto ipsec transform-set myset ah-md5-hmac esp-sha-hmac esp-aes
mode tunnel
exit
crypto map mymap 1 ipsec-isakmp
match address 100
set transform-set myset
set peer 200.1.1.1
exit
int tunnel 0
crypto map mymap
int e0/1
crypto map mymap
endR3:
conf t
int tunnel 0
ip add 1.1.1.2 255.255.255.252
tunnel source 200.1.1.1
tunnel destination 100.1.1.1
no shut
exit
crypto isakmp enable
crypto isakmp policy 1
encryption aes
hash sha
group 2
authentication pre-share
exit
crypto isakmp key 6 IPSEC-TUNNEL address 100.1.1.1
access-list 100 permit gre host 1.1.1.2 host 1.1.1.1
access-list 100 permit ip 192.168.1.0 0.0.0.255 10.1.1.0 0.0.0.3
crypto ipsec transform-set myset ah-md5-hmac esp-sha-hmac esp-aes
mode tunnel
exit
crypto map mymap 1 ipsec-isakmp
match address 100
set transform-set myset
set peer 100.1.1.1
exit
int tunnel 0
crypto map mymap
int e0/0
crypto map mymap
end转载于:https://blog.51cto.com/yinkai/1559457
79
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
