Loved Cat Diary: site-to-site vpn basics

« Switch Security | Home | A simple IPSec VPN configuration »

February 27, 2008

site-to-site vpn basics

/*
sample configuration of site-to-site vpn

HELL(config)# crypto isakmp policy 10
HELL(config-isakmp)# encryption des
HELL(config-isakmp)# hash md5
HELL(config-isakmp)# authentication pre-share
HELL(config-isakmp)# group 2
HELL(config-isakmp)#
HELL(config)# crypto isakmp key KEY address 200.1.1.2
HELL(config)# crypto ipsec transform-set SET esp-des esp-md5-hmac
HELL(cfg-crypto-trans)# mode tunnel
HELL(cfg-crypto-trans)#
HELL(config)# crypto map VPN 10 ipsec-isakmp
HELL(config-crypto-map)# set peer 200.1.1.2
HELL(config-crypto-map)# match address 100
HELL(config-crypto-map)# set transform-set SET
HELL(config-crypto-map)# int s0
HELL(config-if)# crypto map VPN
HELL(config-if)#

Posted by Lifeng Shen on February 27, 2008 5:21 PM | Permalink

添加评论

Name:

Email Address:

URL:

Comments:

Remember personal info?

固定链接与引用