Scribd Logo
Upload

Welcome to Scribd!

  • INTERNAL

    Uploaded by

    ĐayZ
    3 views3 pages
    This document contains the configuration of a network device with IPsec VPN tunnels established to two peers using different encryption standards. Interfaces are configured for LAN connectivity and the default route points to one of the IPsec peers. Access control lists permit traffic between internal subnets over the IPsec tunnels.

    Original Description:

    s

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document contains the configuration of a network device with IPsec VPN tunnels established to two peers using different encryption standards. Interfaces are configured for LAN connectivity and the default route points to one of the IPsec peers. Access control lists permit traffic between internal subnets over the IPsec tunnels.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as txt, pdf, or txt
    3 views3 pages

    INTERNAL

    Uploaded by

    ĐayZ
    This document contains the configuration of a network device with IPsec VPN tunnels established to two peers using different encryption standards. Interfaces are configured for LAN connectivity and the default route points to one of the IPsec peers. Access control lists permit traffic between internal subnets over the IPsec tunnels.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as txt, pdf, or txt
    of 3

    Current configuration : 1889 bytes

    !
    upgrade fpd auto
    version 15.2
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname INTERNAL
    !
    boot-start-marker
    boot-end-marker
    !
    !
    !
    no aaa new-model
    !
    !
    !
    !
    !
    !
    ip cef
    no ipv6 cef
    !
    multilink bundle-name authenticated
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    redundancy
    !
    !
    !
    !
    crypto isakmp policy 10
    encr 3des
    authentication pre-share
    group 5
    !
    crypto isakmp policy 20
    hash sha256
    authentication pre-share
    group 5
    crypto isakmp key cisco address 210.10.10.5
    crypto isakmp key cisco address 210.10.10.13
    !
    !
    crypto ipsec transform-set test ah-md5-hmac esp-3des esp-md5-hmac
    mode tunnel
    crypto ipsec transform-set test2 ah-sha256-hmac esp-3des esp-sha256-hmac
    mode tunnel
    !
    !
    !
    crypto map IPSEC 10 ipsec-isakmp
    set peer 210.10.10.5
    set security-association lifetime seconds 86400
    set transform-set test
    set pfs group5
    match address 100
    crypto map IPSEC 20 ipsec-isakmp
    set peer 210.10.10.13
    set security-association lifetime seconds 86400
    set transform-set test2
    set pfs group5
    match address 101
    !
    !
    !
    !
    !
    !
    interface FastEthernet0/0
    ip address 210.10.10.1 255.255.255.252
    duplex half
    crypto map IPSEC
    !
    interface FastEthernet1/0
    ip address 192.168.1.254 255.255.255.0
    duplex half
    !
    interface FastEthernet2/0
    no ip address
    shutdown
    duplex half
    !
    interface FastEthernet3/0
    no ip address
    shutdown
    duplex half
    !
    interface FastEthernet4/0
    no ip address
    shutdown
    duplex half
    !
    ip forward-protocol nd
    no ip http server
    no ip http secure-server
    !
    !
    ip route 0.0.0.0 0.0.0.0 210.10.10.2
    !
    access-list 100 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
    access-list 101 permit ip 192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255
    !
    !
    !
    control-plane
    !
    !
    !
    mgcp profile default
    !
    !
    !
    gatekeeper
    shutdown
    !
    !
    line con 0
    stopbits 1
    line aux 0
    stopbits 1
    line vty 0 4
    login
    transport input all
    !
    !
    end

    You might also like