Created
February 5, 2024 14:06
-
-
Save overnew/3f10b16b80c45dec73b6ea265509348c to your computer and use it in GitHub Desktop.
HQ_vpn1.conf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
conf t | |
int s1/0 | |
ip add 10.1.10.2 255.255.255.252 | |
no shut | |
exit | |
int f0/1 | |
ip add 1.1.123.1 255.255.255.248 | |
no shut | |
exit | |
router ospf 1 | |
router-id 1.1.1.2 | |
network 10.1.10.2 0.0.0.0 area 0 | |
exit | |
ip route 0.0.0.0 0.0.0.0 f0/1 1.1.123.3 | |
#defalut 경로는 모두 CE에게 | |
crypto isakmp policy 10 | |
authentication pre-share | |
encryption aes | |
hash sha | |
group 5 | |
lifetime 7200 | |
exit | |
crypto isakmp key 0 cloud address 1.1.100.6 | |
crypto isakmp key 0 cloud address 1.1.100.10 | |
crypto ipsec transform-set VPN esp-aes esp-sha-hmac | |
crypto map HQ1-VPN 10 ipsec-isakmp | |
match address TOBR1 | |
set peer 1.1.100.6 | |
set transform-set VPN | |
reverse-route static | |
exit | |
crypto map HQ1-VPN 20 ipsec-isakmp | |
match address TOBR2 | |
set peer 1.1.100.10 | |
set transform-set VPN | |
reverse-route static | |
exit | |
ip access-list extended TOBR1 | |
permit ip 10.1.0.0 0.0.255.255 10.2.2.0 0.0.0.255 | |
exit | |
ip access-list extended TOBR2 | |
permit ip 10.1.0.0 0.0.255.255 10.3.3.0 0.0.0.255 | |
exit | |
int f0/1 | |
crypto map HQ1-VPN | |
router os 1 | |
redistribute static |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment