VPN
If you can't read please download the document
-
Upload
erick-jonathan-hernandez-sanchez -
Category
Documents
-
view
3 -
download
1
description
configuraciones vpn
Transcript of VPN
***VPN con protocolo IPsec*************en config taccess-list 110 permit ip 192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255crypto isakmp policy 10encryption aes ********************enconfig taccess-list 110 permit ip 192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255crypto isakmp policy 10encryption aes authentication pre-share group 2exitcrypto isakmp key cisco address 10.2.2.2crypto ipsec transform-set VPN-SET esp-3des esp-sha-hmaccrypto map VPN-MAP 10 ipsec-isakmp cr% NOTE: This new crypto map will remain disabled until a peer and a valid access list have been configured.set peer 10.2.2.2set transform-set VPN-SETmatch address 110int s0/0/0crypto map VPN-MAP*Jan 3 07:16:26.785: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is ONR1(config-if)#????????????????????????????????????????R1>enR1#config tEnter configuration commands, one per line. End with CNTL/Z.R1(config)#acR1(config)#access-list 110 peR1(config)#access-list 110 permit ip 192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255R1(config)#cryR1(config)#crypto isR1(config)#crypto isakmp poliR1(config)#crypto isakmp policy 10R1(config-isakmp)#encR1(config-isakmp)#encryption aR1(config-isakmp)#encryption aes auR1(config-isakmp)#encryption aes autR1(config-isakmp)#encryption aes R1(config-isakmp)#auR1(config-isakmp)#authentication preR1(config-isakmp)#authentication pre-share R1(config-isakmp)#groR1(config-isakmp)#group 2R1(config-isakmp)#exitR1(config)#crR1(config)#crypto iR1(config)#crypto isR1(config)#crypto isakmp kR1(config)#crypto isakmp key cR1(config)#crypto isakmp key ciR1(config)#crypto isakmp key cisco aR1(config)#crypto isakmp key cisco address 10.2.2.2R1(config)#crR1(config)#crypto ipR1(config)#crypto ipsec trR1(config)#crypto ipsec transform-set vpR1(config)#crypto ipsec transform-set VPN-SETR1(config)#crypto ipsec transform-set VPN-SETeR1(config)#crypto ipsec transform-set VPN-SET eR1(config)#crypto ipsec transform-set VPN-SET espR1(config)#crypto ipsec transform-set VPN-SET esp-3des eR1(config)#crypto ipsec transform-set VPN-SET esp-3des esR1(config)#crypto ipsec transform-set VPN-SET esp-3des esp-sha-hmacR1(config)#crR1(config)#crypto mR1(config)#crypto map VPN-MAP 10 iR1(config)#crypto map VPN-MAP 10 ipR1(config)#crypto map VPN-MAP 10 ipsec-isakmp % NOTE: This new crypto map will remain disabled until a peer and a valid access list have been configured.R1(config-crypto-map)#deR1(config-crypto-map)#seR1(config-crypto-map)#set pR1(config-crypto-map)#set peR1(config-crypto-map)#set peer 10.2.2.2R1(config-crypto-map)#set tR1(config-crypto-map)#set transform-set VPN-SETR1(config-crypto-map)#mR1(config-crypto-map)#match aR1(config-crypto-map)#match address 110R1(config-crypto-map)#exitR1(config)#int s0/0/0R1(config-if)#crR1(config-if)#crypto mR1(config-if)#crypto map VPN-MAP*Jan 3 07:16:26.785: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is ONR1(config-if)#??????????????????R3>enR3#config tEnter configuration commands, one per line. End with CNTL/Z.R3(config)#aR3(config)#acR3(config)#access-list 110 peR3(config)#access-list 110 permit ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255R3(config)#crR3(config)#crypto isR3(config)#crypto isakmp pR3(config)#crypto isakmp policy 10R3(config-isakmp)#eR3(config-isakmp)#enR3(config-isakmp)#encryption aR3(config-isakmp)#encryption aes R3(config-isakmp)#auR3(config-isakmp)#authentication pR3(config-isakmp)#authentication pre-share R3(config-isakmp)#grR3(config-isakmp)#group 2R3(config-isakmp)#exitR3(config)#crR3(config)#crypto iR3(config)#crypto isR3(config)#crypto isakmp kR3(config)#crypto isakmp key cisco aR3(config)#crypto isakmp key cisco address 10.1.1.2R3(config)#crR3(config)#crypto ipR3(config)#crypto ipsec tR3(config)#crypto ipsec transform-set VPN-SET eR3(config)#crypto ipsec transform-set VPN-SET esp-3des espR3(config)#crypto ipsec transform-set VPN-SET esp-3des esp-shR3(config)#crypto ipsec transform-set VPN-SET esp-3des esp-sha-hmac R3(config)#crR3(config)#crypto mR3(config)#crypto map VPN-MAP 10 IPR3(config)#crypto map VPN-MAP 10 IPsec-isakmp % NOTE: This new crypto map will remain disabled until a peer and a valid access list have been configured.R3(config-crypto-map)#set pR3(config-crypto-map)#set peR3(config-crypto-map)#set peer 10.1.1.2R3(config-crypto-map)#set tR3(config-crypto-map)#set transform-set VPN-SETR3(config-crypto-map)#mR3(config-crypto-map)#match aR3(config-crypto-map)#match address 110R3(config-crypto-map)#exitR3(config)#int s0/0/1R3(config-if)#crR3(config-if)#crypto mR3(config-if)#crypto map VPN-MAP*Jan 3 07:16:26.785: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is ONR3(config-if)######R1#SH CRypto IPsec sa
