VPN L2L 04


MIAMI#sh run

Building configuration...

Current configuration : 3287 bytes


!
! Captured running-config of router MIAMI, one end of the MIAMI<->PARIS
! site-to-site IPsec VPN shown on this page.
! NOTE(review): the listing exposes secret hashes, type 7 strings and a
! pre-shared key; any value also used on real equipment should be rotated.
version 15.1
! Log and debug messages are emitted without date/time stamps, which makes it
! harder to correlate events across both routers during an investigation.
no service timestamps log datetime msec
no service timestamps debug datetime msec
! Encodes line passwords as type 7 (the "password 7" lines under line con/vty).
! Type 7 is a reversible encoding, not a hash; it only prevents casual reading.
service password-encryption
!
hostname MIAMI
!
!
!
! Type 5 secret (salted MD5-crypt). The PARIS listing shows the identical
! string, so both routers share one enable password.
! NOTE(review): the salt is the same in every secret on this page, which
! suggests a simulator or a non-random salt source - confirm.
enable secret 5 $1$mERr$1sCyUkMEqr7rNbxEEO0Nd.
!
!
!
!
!
!
! CEF switching is disabled for IPv4 and IPv6.
no ip cef
no ipv6 cef
!
!
!
! Local account with privilege 15 (full privileged EXEC at login), type 5
! secret. The same account and hash appear on PARIS. Later IOS releases offer
! type 8 (PBKDF2-SHA256) and type 9 (scrypt) secrets; check platform support.
username soporte privilege 15 secret 5 $1$mERr$OEvDNcIQ4jwQgTqhasXXD1
!
!
! Hardware PID and serial number; securityk9 is the technology package this
! router boots with (presumably what enables the crypto commands - confirm).
license udi pid CISCO2911/K9 sn FTX152435UQ
license boot module c2900 technology-package securityk9
!
!
!
! IKEv1 (ISAKMP) phase-1 policy used toward PARIS: AES-256, pre-shared-key
! authentication, DH group 2.
! NOTE(review): no "hash" line appears, so the platform default applies -
! presumably SHA-1; confirm with "show crypto isakmp policy".
crypto isakmp policy 10
encr aes 256
authentication pre-share
! DH group 2 is 1024-bit MODP, below current guidance. Group 14 or higher is
! preferable where both peers support it; both ends must change together.
group 2
!
! Pre-shared key for peer 91.181.0.2. It is shown in clear even though
! "service password-encryption" is enabled, and it is short and dictionary-like.
! A long random key, stored with "password encryption aes" plus
! "key config-key password-encrypt", or certificate authentication, avoids both.
crypto isakmp key cisco123 address 91.181.0.2
!
!
! Global IPsec SA lifetime: 28800 seconds (8 hours).
crypto ipsec security-association lifetime seconds 28800
!
! Phase-2 transform: ESP with AES-256 encryption and HMAC-MD5 integrity.
! MD5 is deprecated for integrity; esp-sha-hmac or a SHA-2 variant is the
! usual replacement where the image supports it (again on both peers).
crypto ipsec transform-set VPN_PARIS esp-aes 256 esp-md5-hmac
!
! Crypto map entry 10: traffic matching ACL MIAMI-PARIS is protected with the
! transform set above and sent to peer 91.181.0.2.
! No "set pfs" line is present, so phase-2 keys are derived without a fresh
! Diffie-Hellman exchange (no perfect forward secrecy).
crypto map VPN_PARIS 10 ipsec-isakmp
set peer 91.181.0.2
set security-association lifetime seconds 28800
set transform-set VPN_PARIS
match address MIAMI-PARIS
!
!
!
!
! SSH settings: protocol version 2 only, 25-second negotiation time-out.
! NOTE(review): the vty lines further down show "login" with a line password
! and no "transport input" line, so it is unclear from this listing whether
! remote management actually runs over SSH or over Telnet - confirm.
ip ssh version 2
ip ssh time-out 25
! DNS lookups from the CLI are disabled; the domain name is set to miami.com.
no ip domain-lookup
ip domain-name miami.com
!
!
spanning-tree mode pvst
!
!
!
!
!
!
! Internet-facing interface: NAT outside, and the interface where crypto map
! VPN_PARIS is applied (the tunnel terminates on 90.32.64.98).
! NOTE(review): no "ip access-group" is shown here, so nothing in this listing
! filters inbound traffic addressed to the router itself; confirm whether
! filtering is done elsewhere.
interface GigabitEthernet0/0
description INTERNET
ip address 90.32.64.98 255.255.255.252
ip nat outside
duplex auto
speed auto
crypto map VPN_PARIS
!
! Physical trunk port; it carries the 802.1Q subinterfaces below and has no
! address of its own.
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
!
! One subinterface per VLAN (10-50), each the .1 gateway of a /24 and marked
! NAT inside. No ACL is applied to any of them, so as far as this listing shows
! the router forwards freely between the VLANs.
interface GigabitEthernet0/1.10
description GERENCIA
encapsulation dot1Q 10
ip address 172.16.10.1 255.255.255.0
ip nat inside
!
interface GigabitEthernet0/1.20
description RRHH
encapsulation dot1Q 20
ip address 172.16.20.1 255.255.255.0
ip nat inside
!
! VLAN 30 (172.16.30.0/24) is the only local subnet matched by the crypto ACL
! MIAMI-PARIS, i.e. the only one whose traffic enters the tunnel.
interface GigabitEthernet0/1.30
description TECNOLOGIA
encapsulation dot1Q 30
ip address 172.16.30.1 255.255.255.0
ip nat inside
!
interface GigabitEthernet0/1.40
description PUBLICIDAD
encapsulation dot1Q 40
ip address 172.16.40.1 255.255.255.0
ip nat inside
!
interface GigabitEthernet0/1.50
description SEGURIDAD
encapsulation dot1Q 50
ip address 172.16.50.1 255.255.255.0
ip nat inside
!
! Unused interfaces are administratively shut down.
interface GigabitEthernet0/2
no ip address
duplex auto
speed auto
shutdown
!
interface Vlan1
no ip address
shutdown
!
! PAT (overload) of every source permitted by ACL NAT onto the address of
! GigabitEthernet0/0, plus a default route to 90.32.64.97.
ip nat inside source list NAT interface GigabitEthernet0/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 90.32.64.97
!
! NetFlow export format version 9; no export destination appears in this
! listing.
ip flow-export version 9
!
!
! ACL NAT selects what gets translated. The deny entry is the NAT exemption
! for VPN traffic: it must sit before the permit for 172.16.30.0/24, otherwise
! tunnel-bound packets would be translated and stop matching MIAMI-PARIS.
ip access-list extended NAT
permit ip 172.16.10.0 0.0.0.255 any
permit ip 172.16.20.0 0.0.0.255 any
deny ip 172.16.30.0 0.0.0.255 172.20.4.0 0.0.0.255
permit ip 172.16.30.0 0.0.0.255 any
permit ip 172.16.40.0 0.0.0.255 any
permit ip 172.16.50.0 0.0.0.255 any
! Crypto ACL: the traffic to encrypt. It is the mirror image of PARIS-MIAMI on
! the peer; the two must stay exact mirrors or phase 2 will not agree on the
! protected networks. All IP protocols between the two /24s are allowed.
ip access-list extended MIAMI-PARIS
permit ip 172.16.30.0 0.0.0.255 172.20.4.0 0.0.0.255
!
! Login banner (Spanish): restricted access, authorized personnel only,
! connections are monitored. The text between the ^C delimiters is literal.
banner motd ^C
#######################################
## ##
## ##
## ACCESO RESTRINGIDO ##
## ##
## ##
## SOLO PERSONAL AUTORIZADO ##
## ##
## ##
## CONEXIONES MONITOREADAS ##
## ##
## ##
#######################################
^C
!
!
!
!
! Console: 30-minute idle time-out, authentication against the local user
! database ("login local"). A type 7 line password is also stored here.
line con 0
exec-timeout 30 0
password 7 08371F405B49544F58
logging synchronous
login local
!
! The auxiliary line has no configuration in this listing.
line aux 0
!
! Remote (vty) lines: "login" checks the line password, not the local user
! database as on the console. That password is stored as type 7, a reversible
! encoding, and the identical string appears on PARIS.
! NOTE(review): no "transport input" and no "access-class" line is shown, so
! neither the allowed protocols nor the allowed source addresses are restricted
! as far as this listing shows; "login local" with SSH-only transport is the
! usual hardening - confirm the platform defaults.
line vty 0 4
exec-timeout 30 0
password 7 08371F405B49574758
login
line vty 5 15
exec-timeout 30 0
password 7 08371F405B49574758
login
!
!
!
end
###################################################################################
#########################

PARIS#sh run
Building configuration...

Current configuration : 3216 bytes


!
! Captured running-config of router PARIS, the peer of MIAMI in the
! site-to-site IPsec VPN shown on this page.
! NOTE(review): the listing exposes secret hashes, type 7 strings and a
! pre-shared key; any value also used on real equipment should be rotated.
version 15.1
! Log and debug messages are emitted without date/time stamps, which makes it
! harder to correlate events across both routers during an investigation.
no service timestamps log datetime msec
no service timestamps debug datetime msec
! Encodes line passwords as type 7 (the "password 7" lines under line con/vty).
! Type 7 is a reversible encoding, not a hash; it only prevents casual reading.
service password-encryption
!
hostname PARIS
!
!
!
! Type 5 secret (salted MD5-crypt), byte-for-byte the same string as on MIAMI:
! one enable password is shared by both routers.
enable secret 5 $1$mERr$1sCyUkMEqr7rNbxEEO0Nd.
!
!
!
!
!
!
! CEF switching is disabled for IPv4 and IPv6.
no ip cef
no ipv6 cef
!
!
!
! Local account with privilege 15 (full privileged EXEC at login); same name
! and same type 5 hash as on MIAMI. Later IOS releases offer type 8 and type 9
! secrets; check platform support.
username soporte privilege 15 secret 5 $1$mERr$OEvDNcIQ4jwQgTqhasXXD1
!
!
! Hardware PID and serial number; securityk9 is the technology package this
! router boots with (presumably what enables the crypto commands - confirm).
license udi pid CISCO2911/K9 sn FTX1524AUEZ
license boot module c2900 technology-package securityk9
!
!
!
! IKEv1 (ISAKMP) phase-1 policy used toward MIAMI: AES-256, pre-shared-key
! authentication, DH group 2. These values match the MIAMI policy, as they must.
! NOTE(review): no "hash" line appears, so the platform default applies -
! presumably SHA-1; confirm with "show crypto isakmp policy".
crypto isakmp policy 10
encr aes 256
authentication pre-share
! DH group 2 is 1024-bit MODP, below current guidance. Group 14 or higher is
! preferable where both peers support it; both ends must change together.
group 2
!
! Pre-shared key for peer 90.32.64.98, shown in clear despite
! "service password-encryption"; the value is short and dictionary-like.
! A long random key, stored with "password encryption aes" plus
! "key config-key password-encrypt", or certificate authentication, avoids both.
crypto isakmp key cisco123 address 90.32.64.98
!
!
! Global IPsec SA lifetime: 28800 seconds (8 hours).
crypto ipsec security-association lifetime seconds 28800
!
! Phase-2 transform: ESP with AES-256 encryption and HMAC-MD5 integrity.
! MD5 is deprecated for integrity; esp-sha-hmac or a SHA-2 variant is the
! usual replacement where the image supports it (again on both peers).
crypto ipsec transform-set VPN_MIAMI esp-aes 256 esp-md5-hmac
!
! Crypto map entry 10: traffic matching ACL PARIS-MIAMI is protected with the
! transform set above and sent to peer 90.32.64.98.
! No "set pfs" line is present, so phase-2 keys are derived without a fresh
! Diffie-Hellman exchange (no perfect forward secrecy).
crypto map VPN_MIAMI 10 ipsec-isakmp
set peer 90.32.64.98
set security-association lifetime seconds 28800
set transform-set VPN_MIAMI
match address PARIS-MIAMI
!
!
!
!
! SSH settings: protocol version 2 only, 25-second negotiation time-out.
! NOTE(review): the vty lines further down show "login" with a line password
! and no "transport input" line, so it is unclear from this listing whether
! remote management actually runs over SSH or over Telnet - confirm.
ip ssh version 2
ip ssh time-out 25
! DNS lookups from the CLI are disabled; the domain name is set to paris.com.
no ip domain-lookup
ip domain-name paris.com
!
!
spanning-tree mode pvst
!
!
!
!
!
!
! Internet-facing interface: NAT outside, and the interface where crypto map
! VPN_MIAMI is applied (the tunnel terminates on 91.181.0.2).
! NOTE(review): no "ip access-group" is shown here, so nothing in this listing
! filters inbound traffic addressed to the router itself; confirm whether
! filtering is done elsewhere.
interface GigabitEthernet0/0
description INTERNET
ip address 91.181.0.2 255.255.255.252
ip nat outside
duplex auto
speed auto
crypto map VPN_MIAMI
!
! Physical trunk port; it carries the 802.1Q subinterfaces below and has no
! address of its own.
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
!
! One subinterface per VLAN (2-6), each the .1 gateway of a /24. No ACL is
! applied to any of them, so as far as this listing shows the router forwards
! freely between the VLANs.
interface GigabitEthernet0/1.2
description GERENCIA
encapsulation dot1Q 2
ip address 172.20.2.1 255.255.255.0
ip nat inside
!
interface GigabitEthernet0/1.3
description RRHH
encapsulation dot1Q 3
ip address 172.20.3.1 255.255.255.0
ip nat inside
!
! VLAN 4 (172.20.4.0/24) is the only local subnet matched by the crypto ACL
! PARIS-MIAMI, i.e. the only one whose traffic enters the tunnel.
interface GigabitEthernet0/1.4
description TECNOLOGIA
encapsulation dot1Q 4
ip address 172.20.4.1 255.255.255.0
ip nat inside
!
interface GigabitEthernet0/1.5
description PUBLICIDAD
encapsulation dot1Q 5
ip address 172.20.5.1 255.255.255.0
ip nat inside
!
! Unlike the other subinterfaces this one has no "ip nat inside", and ACL NAT
! has no entry for 172.20.6.0/24, so this subnet is not translated toward the
! Internet. NOTE(review): presumably deliberate for a network-admin VLAN, but
! it is still routable from the other VLANs - confirm the intent.
interface GigabitEthernet0/1.6
description ADMIN_RED
encapsulation dot1Q 6
ip address 172.20.6.1 255.255.255.0
!
! Unused interfaces are administratively shut down.
interface GigabitEthernet0/2
no ip address
duplex auto
speed auto
shutdown
!
interface Vlan1
no ip address
shutdown
!
! PAT (overload) of every source permitted by ACL NAT onto the address of
! GigabitEthernet0/0, plus a default route to 91.181.0.1.
ip nat inside source list NAT interface GigabitEthernet0/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 91.181.0.1
!
! NetFlow export format version 9; no export destination appears in this
! listing.
ip flow-export version 9
!
!
! ACL NAT selects what gets translated. The deny entry is the NAT exemption
! for VPN traffic: it must sit before the permit for 172.20.4.0/24, otherwise
! tunnel-bound packets would be translated and stop matching PARIS-MIAMI.
ip access-list extended NAT
permit ip 172.20.2.0 0.0.0.255 any
permit ip 172.20.3.0 0.0.0.255 any
deny ip 172.20.4.0 0.0.0.255 172.16.30.0 0.0.0.255
permit ip 172.20.4.0 0.0.0.255 any
permit ip 172.20.5.0 0.0.0.255 any
! Crypto ACL: the traffic to encrypt. It is the mirror image of MIAMI-PARIS on
! the peer; the two must stay exact mirrors or phase 2 will not agree on the
! protected networks. All IP protocols between the two /24s are allowed.
ip access-list extended PARIS-MIAMI
permit ip 172.20.4.0 0.0.0.255 172.16.30.0 0.0.0.255
!
! Login banner (Spanish): restricted access, authorized personnel only,
! connections are monitored. The text between the ^C delimiters is literal.
banner motd ^C
#######################################
## ##
## ##
## ACCESO RESTRINGIDO ##
## ##
## ##
## SOLO PERSONAL AUTORIZADO ##
## ##
## ##
## CONEXIONES MONITOREADAS ##
## ##
## ##
#######################################
^C
!
!
!
!
! Console: 30-minute idle time-out, authentication against the local user
! database ("login local"). A type 7 line password is also stored here.
line con 0
exec-timeout 30 0
password 7 08371F405B49544F58
logging synchronous
login local
!
! The auxiliary line has no configuration in this listing.
line aux 0
!
! Remote (vty) lines: 25-minute idle time-out (MIAMI uses 30). "login" checks
! the line password, not the local user database as on the console. That
! password is stored as type 7, a reversible encoding, and the identical
! string appears on MIAMI.
! NOTE(review): no "transport input" and no "access-class" line is shown, so
! neither the allowed protocols nor the allowed source addresses are restricted
! as far as this listing shows; "login local" with SSH-only transport is the
! usual hardening - confirm the platform defaults.
line vty 0 4
exec-timeout 25 0
password 7 08371F405B49574758
login
line vty 5 15
exec-timeout 25 0
password 7 08371F405B49574758
login
!
!
!
end

##################################################################################

SCRIPT VPN L2L CISCO-ROUTERS:


MIAMI:

! Paste-in script for the MIAMI side of the tunnel; the commands are the
! global-configuration forms of the crypto lines in the MIAMI running-config.
! It does not create ACL MIAMI-PARIS or the NAT exemption entry; both appear
! only in the running-config earlier on this page.
! NOTE(review): parameters worth revisiting before reuse - DH group 2
! (1024-bit), HMAC-MD5 integrity, no "hash" line (platform default applies),
! no "set pfs", and a short dictionary-like pre-shared key held in clear text.
! Any change has to be made on both peers together.
crypto isakmp policy 10


encryption aes 256
authentication pre-share
group 2
! Key bound to the PARIS public address; replace the sample value with a long
! random secret.
crypto isakmp key cisco123 address 91.181.0.2
! IPsec SA lifetime: 28800 seconds (8 hours).
crypto ipsec security-association lifetime seconds 28800

crypto ipsec transform-set VPN_PARIS esp-aes 256 esp-md5-hmac


! Crypto map entry 10, then its attachment to the Internet-facing interface.
crypto map VPN_PARIS 10 ipsec-isakmp
set peer 91.181.0.2
set transform-set VPN_PARIS
match address MIAMI-PARIS
interface g0/0
crypto map VPN_PARIS

PARIS:

! Paste-in script for the PARIS side of the tunnel; the commands are the
! global-configuration forms of the crypto lines in the PARIS running-config.
! It does not create ACL PARIS-MIAMI or the NAT exemption entry; both appear
! only in the running-config earlier on this page.
! NOTE(review): parameters worth revisiting before reuse - DH group 2
! (1024-bit), HMAC-MD5 integrity, no "hash" line (platform default applies),
! no "set pfs", and a short dictionary-like pre-shared key held in clear text.
! Any change has to be made on both peers together.
crypto isakmp policy 10


encryption aes 256
authentication pre-share
group 2
! Key bound to the MIAMI public address; replace the sample value with a long
! random secret.
crypto isakmp key cisco123 address 90.32.64.98
! IPsec SA lifetime: 28800 seconds (8 hours).
crypto ipsec security-association lifetime seconds 28800

crypto ipsec transform-set VPN_MIAMI esp-aes 256 esp-md5-hmac


! Crypto map entry 10, then its attachment to the Internet-facing interface.
crypto map VPN_MIAMI 10 ipsec-isakmp
set peer 90.32.64.98
set transform-set VPN_MIAMI
match address PARIS-MIAMI
interface g0/0
crypto map VPN_MIAMI
