rakis
Member | Редактировать | Профиль | Сообщение | ICQ | Цитировать | Сообщить модератору gades# sh run tunnel-group tunnel-group 80.x.x.x type ipsec-l2l tunnel-group 80.x.x.x ipsec-attributes pre-shared-key * gades# sh run crypto ipsec crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 gades# sh run crypto isakmp crypto isakmp identity address crypto isakmp enable outside crypto isakmp policy 1 authentication pre-share encryption 3des hash sha group 2 lifetime 43200 no crypto isakmp nat-traversal gades# sh run crypto map crypto map outside_map 1 match address 100 crypto map outside_map 1 set peer GUARD crypto map outside_map 1 set transform-set ESP-3DES-SHA crypto map outside_map interface outside gades# sh run access-list 100 access-list 100 extended permit ip 192.168.0.0 255.255.255.0 172.16.0.0 255.255.255.0 guard# sh run tunnel-group tunnel-group 62.y.y.y type ipsec-l2l tunnel-group 62.y.y.y ipsec-attributes pre-shared-key * guard# sh run crypto ipsec crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 guard# sh run crypto isakmp crypto isakmp identity address crypto isakmp enable outside crypto isakmp policy 1 authentication pre-share encryption 3des hash sha group 2 lifetime 43200 no crypto isakmp nat-traversal guard# sh run crypto map crypto map outside_map 1 match address 100 crypto map outside_map 1 set peer GADES crypto map outside_map 1 set transform-set ESP-3DES-SHA crypto map outside_map interface outside guard# sh run access-list 100 access-list 100 extended permit ip 172.16.0.0 255.255.255.0 192.168.0.0 255.255.255.0 NAT для трафика между этиме сетями отключен | Всего записей: 379 | Зарегистр. 17-01-2006 | Отправлено: 20:03 03-08-2009 | Исправлено: rakis, 22:31 03-08-2009 |
|