Flex Ra


! R1: FlexVPN server side (Virtual-Template1, address pool "admin")
hostname R1
!
boot-start-marker
boot-end-marker
!
!
crypto ikev2 authorization policy shiva
 pool admin
 route set access-list stacl
!
! DH group 5 is 1536-bit MODP
crypto ikev2 proposal shiva
 encryption aes-cbc-256
 integrity sha512
 group 5
!
crypto ikev2 policy shiva
 proposal shiva
!
crypto ikev2 keyring shiva
 peer r2
  address 102.1.1.100
  pre-shared-key shiva
 !
!
!
crypto ikev2 profile shiva
 match identity remote address 102.1.1.100 255.255.255.255
 authentication remote pre-share
 authentication local pre-share
 keyring local shiva
 aaa authorization group psk list default shiva
 virtual-template 1
!
!
!
!
!
crypto ipsec security-association lifetime seconds 1800
!
crypto ipsec transform-set t-set esp-aes esp-sha-hmac
 mode tunnel
!
!
crypto ipsec profile shiva
 set transform-set t-set
 set ikev2-profile shiva
!
!
! crypto map "test" is defined here but not applied to any interface in this configuration
crypto map test 10 ipsec-isakmp
 set peer 102.1.1.100
 set transform-set t-set
 set ikev2-profile shiva
 match address 101
!
!
!
!
!
interface Loopback1
 ip address 192.168.101.1 255.255.255.0
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex full
!
interface Serial1/0
 ip address 101.1.1.100 255.255.255.0
 serial restart-delay 0
!
interface Serial1/1
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/4
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/5
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/6
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/7
 no ip address
 shutdown
 serial restart-delay 0
!
interface Virtual-Template1 type tunnel
 ip unnumbered Serial1/0
 tunnel source Serial1/0
 tunnel mode ipsec ipv4
 tunnel protection ipsec profile shiva
!
ip local pool admin 192.168.100.100 192.168.100.254
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 101.1.1.1
!
ip access-list standard stacl
 permit 192.168.101.0 0.0.0.255
!
access-list 101 permit ip 192.168.101.0 0.0.0.255 192.168.102.0 0.0.0.255
!
!
!
control-plane
!
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 stopbits 1
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 stopbits 1
line vty 0 4
 login
!
!
end
*************************************************
! R2: FlexVPN client side (Tunnel0, address negotiated from the server)
hostname R2
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
!
!
!
no ip domain lookup
ip domain name lab.local
ip cef
no ipv6 cef
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
crypto ikev2 authorization policy shiva
 route set interface
 route set access-list stacl
!
! DH group 5 is 1536-bit MODP
crypto ikev2 proposal shiva
 encryption aes-cbc-256
 integrity sha512
 group 5
!
crypto ikev2 policy shiva
 proposal shiva
!
crypto ikev2 keyring shiva
 peer r1
  address 101.1.1.100
  pre-shared-key shiva
 !
!
!
crypto ikev2 profile shiva
 match identity remote address 101.1.1.100 255.255.255.255
 authentication remote pre-share
 authentication local pre-share
 keyring local shiva
 aaa authorization group psk list default shiva
!
crypto ikev2 client flexvpn ccc
 peer 1 101.1.1.100
 client connect Tunnel0
!
!
!
!
!
crypto ipsec security-association lifetime seconds 1800
!
crypto ipsec transform-set t-set esp-aes esp-sha-hmac
 mode tunnel
!
!
crypto ipsec profile shiva
 set transform-set t-set
 set ikev2-profile shiva
!
!
! crypto map "test" is defined here but not applied to any interface in this configuration
crypto map test 10 ipsec-isakmp
 set peer 101.1.1.100
 set transform-set t-set
 set ikev2-profile shiva
 match address 102
!
!
!
!
!
interface Loopback1
 ip address 192.168.102.1 255.255.255.0
!
interface Tunnel0
 ip address negotiated
 tunnel source Serial1/0
 tunnel mode ipsec ipv4
 tunnel destination dynamic
 tunnel protection ipsec profile shiva
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex full
!
interface Serial1/0
 ip address 102.1.1.100 255.255.255.0
 serial restart-delay 0
!
interface Serial1/1
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/4
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/5
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/6
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/7
 no ip address
 shutdown
 serial restart-delay 0
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 102.1.1.1
!
ip access-list standard stacl
 permit 192.168.102.0 0.0.0.255
!
access-list 102 permit ip 192.168.102.0 0.0.0.255 192.168.101.0 0.0.0.255
!
!
!
control-plane
!
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 stopbits 1
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 stopbits 1
line vty 0 4
 login
!
!
end
********************************
