rakis
Member | Редактировать | Профиль | Сообщение | ICQ | Цитировать | Сообщить модератору
gades# sh run tunnel-group
tunnel-group 80.x.x.x type ipsec-l2l
tunnel-group 80.x.x.x ipsec-attributes
pre-shared-key *
gades# sh run crypto ipsec
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
gades# sh run crypto isakmp
crypto isakmp identity address
crypto isakmp enable outside
crypto isakmp policy 1
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 43200
no crypto isakmp nat-traversal
gades# sh run crypto map
crypto map outside_map 1 match address 100
crypto map outside_map 1 set peer GUARD
crypto map outside_map 1 set transform-set ESP-3DES-SHA
crypto map outside_map interface outside
gades# sh run access-list 100
access-list 100 extended permit ip 192.168.0.0 255.255.255.0 172.16.0.0 255.255.255.0
guard# sh run tunnel-group
tunnel-group 62.y.y.y type ipsec-l2l
tunnel-group 62.y.y.y ipsec-attributes
pre-shared-key *
guard# sh run crypto ipsec
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
guard# sh run crypto isakmp
crypto isakmp identity address
crypto isakmp enable outside
crypto isakmp policy 1
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 43200
no crypto isakmp nat-traversal
guard# sh run crypto map
crypto map outside_map 1 match address 100
crypto map outside_map 1 set peer GADES
crypto map outside_map 1 set transform-set ESP-3DES-SHA
crypto map outside_map interface outside
guard# sh run access-list 100
access-list 100 extended permit ip 172.16.0.0 255.255.255.0 192.168.0.0 255.255.255.0
NAT для трафика между этиме сетями отключен
|
Всего записей: 379 | Зарегистр. 17-01-2006 | Отправлено: 20:03 03-08-2009 | Исправлено: rakis, 22:31 03-08-2009 |
|
