
SITE TO SITE

hostname R2
!
! IKE phase 1 policy and pre-shared key for peer R3
crypto isakmp policy 2
 authentication pre-share
 lifetime 3600
crypto isakmp key 12345 address 10.3.0.2
!
! IPsec transform set
crypto ipsec transform-set transfdes esp-des
!
crypto map cryptvpn 10 ipsec-isakmp
 set peer 10.3.0.2
 set security-association lifetime kilobytes 102400
 set security-association lifetime seconds 600
 set transform-set transfdes
 match address cryptolist1
!
! GRE tunnel to R3
interface Tunnel1
 ip address 172.16.0.1 255.255.255.252
 tunnel source 10.3.0.1
 tunnel destination 10.3.0.2
!
interface Se 0/0/1
 ip address 10.3.0.1 255.255.255.252
 ip nat inside
 crypto map cryptvpn
!
interface Fa 0/0
 ip address 192.168.16.X 255.255.255.0
 ip nat outside
 ip virtual-reassembly
!
interface Fa 0/1
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.16.1
ip route 192.168.3.0 255.255.255.0 10.3.0.2
!
ip http server
ip http authentication local
ip http secure-server
!
ip nat inside source list 101 interface Fast 0/0 overload
!
! Traffic protected by the crypto map: GRE between the tunnel endpoints
ip access-list extended cryptolist1
 permit gre host 10.3.0.1 host 10.3.0.2
!
access-list 101 permit ip any any

hostname R3
!
! IKE phase 1 policy and pre-shared key for peer R2
crypto isakmp policy 2
 authentication pre-share
 lifetime 3600
crypto isakmp key 12345 address 10.3.0.1
!
! IPsec transform set
crypto ipsec transform-set transfdes esp-des
!
crypto map cryptvpn 10 ipsec-isakmp
 set peer 10.3.0.1
 set security-association lifetime kilobytes 102400
 set security-association lifetime seconds 600
 set transform-set transfdes
 match address cryptolist1
!
! GRE tunnel to R2
interface Tunnel1
 ip address 172.16.0.2 255.255.255.252
 tunnel source 10.3.0.2
 tunnel destination 10.3.0.1
!
interface Se 0/0/1
 ip address 10.3.0.2 255.255.255.252
 crypto map cryptvpn
!
interface Fa 0/0
 ip address 10.3.1.254 255.255.255.0
 ip virtual-reassembly
!
interface Fa 0/1
 ip address 192.168.3.1 255.255.255.0
 ip virtual-reassembly
!
ip classless
ip route 192.168.2.0 255.255.255.0 10.3.0.1
!
ip http server
ip http authentication local
ip http secure-server
!
! Traffic protected by the crypto map: GRE between the tunnel endpoints
ip access-list extended cryptolist1
 permit gre host 10.3.0.2 host 10.3.0.1
!
! Optional
access-list 101 permit ip host 192.168.x.2 any

[Figure: topology diagram. Labels: Tunnel: 172.16.0.0/30; 10.3.0.0/30; 10.0.0.0/30]

CLIENT TO SITE

hostname R1
!
! AAA method lists referenced by the crypto map below
aaa new-model
aaa authentication login ListaLocal local
aaa authorization network ClaseCCNA local
!
! Local users for Xauth
username user1 password cisco1
username user2 password cisco2
username user3 password cisco3
!
! IKE phase 1 policy for remote-access clients
crypto isakmp policy 1
 encr 3des
 authentication pre-share
 group 2
crypto isakmp client configuration address-pool local dynpool
crypto isakmp xauth timeout 60
!
! Client group: group name, group key and address pool
crypto isakmp client configuration group ClaseCCNA
 key abc123
 pool dynpool
!
crypto ipsec transform-set mytransform esp-3des esp-sha-hmac
!
crypto dynamic-map dynmap 1
 set transform-set mytransform
 reverse-route
!
crypto map dynmap client authentication list ListaLocal
crypto map dynmap isakmp authorization list ClaseCCNA
crypto map dynmap client configuration address respond
crypto map dynmap 1 ipsec-isakmp dynamic dynmap
!
! Apply the crypto map defined above to the WAN interface
interface Se 0/0/0
 ip address 10.1.0.1 255.255.255.0
 crypto map dynmap
!
ip local pool dynpool 192.168.50.200 192.168.50.254
!
ip http server
ip http authentication local
ip http secure-server
!
! SSH access on the vty lines
ip domain name cisco.ccna4
crypto key generate rsa
line vty 0 4
 transport input ssh

[Figure: topology diagram. Labels: Tunnel: 172.16.0.0/30; 10.3.0.0/30; 10.0.0.0/30]
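An added example (not part of the original page): a Python check that flags the legacy IKE/IPsec settings appearing in the configurations above, such as esp-des with no integrity transform and ISAKMP policies that leave the cipher and DH group unset. The function name audit, the 16-character key threshold and the fallback to classic IOS defaults (DES, DH group 1) are assumptions of this example; the sample input is constructed from lines on this page.

```python
LEGACY_CIPHERS = {"des", "3des"}
LEGACY_DH_GROUPS = {"1", "2", "5"}
POLICY_KEYS = {"encr", "encryption", "hash", "authentication", "group", "lifetime"}
MIN_PSK_LEN = 16  # assumption: threshold chosen for this example

# Constructed sample, assembled from crypto lines in the configurations above.
SAMPLE = """\
crypto isakmp policy 2
 authentication pre-share
crypto isakmp key 12345 address 10.3.0.1
crypto ipsec transform-set transfdes esp-des
crypto isakmp policy 1
 encr 3des
 group 2
crypto ipsec transform-set mytransform esp-3des esp-sha-hmac
"""

def audit(config):
    """Return (line_number, message) findings for legacy IKE/IPsec settings."""
    findings, policy = [], None  # policy = (line_no, options) while a block is open
    # The trailing "end" sentinel closes a policy block that ends the input.
    for no, raw in enumerate(config.splitlines() + ["end"], 1):
        w = raw.split()
        if not w or w[0].startswith("!"):
            continue
        if policy and len(w) > 1 and w[0] in POLICY_KEYS:
            policy[1]["encr" if w[0] == "encryption" else w[0]] = w[1]
            continue
        if policy:  # any other command closes the open ISAKMP policy block
            # Assumption: unset values fall back to classic IOS defaults (DES, group 1).
            cipher, group = policy[1].get("encr", "des"), policy[1].get("group", "1")
            if cipher in LEGACY_CIPHERS:
                findings.append((policy[0], f"IKE policy cipher {cipher}"))
            if group in LEGACY_DH_GROUPS:
                findings.append((policy[0], f"IKE policy DH group {group}"))
            policy = None
        if w[:3] == ["crypto", "isakmp", "policy"]:
            policy = (no, {})
        elif w[:3] == ["crypto", "isakmp", "key"] and len(w) > 3:
            if len(w[3]) < MIN_PSK_LEN:  # report the length only, never the key
                findings.append((no, f"pre-shared key under {MIN_PSK_LEN} characters"))
        elif w[:3] == ["crypto", "ipsec", "transform-set"]:
            transforms = w[4:]
            findings += [(no, f"transform {t}") for t in transforms
                         if t in ("esp-des", "esp-3des")]
            if not any(t.endswith("-hmac") or "gcm" in t for t in transforms):
                findings.append((no, "transform-set has no integrity transform"))
    return findings
```

Each finding carries the line number of the command that introduced it, so a policy block is reported at its `crypto isakmp policy` line.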
