Last active
April 19, 2022 12:21
-
-
Save rtrentin73/0d3aac15657f478cc52efc698607b67c to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
crypto ikev2 proposal gcp-east1-gw-on-prem-csr-proposal | |
encryption aes-cbc-256 aes-cbc-192 aes-cbc-128 | |
integrity sha256 | |
group 16 | |
! | |
crypto ikev2 policy gcp-east1-gw-on-prem-csr-policy | |
proposal gcp-east1-gw-on-prem-csr-proposal | |
! | |
crypto ikev2 keyring gcp-east1-gw-on-prem-csr-key-0 | |
peer gcp-east1-gw-interface-0 | |
address 35.242.15.156 | |
pre-shared-key pRq0yheLiEuAJ25z9aNPhzIdm8mMyFTa | |
! | |
! | |
! | |
crypto ikev2 keyring gcp-east1-gw-on-prem-csr-key-1 | |
peer gcp-east1-gw-interface-1 | |
address 35.220.6.163 | |
pre-shared-key wcgx9/OjeEcjkM4cJyyn1LoWT8C0LWDO | |
! | |
! | |
! | |
crypto ikev2 profile gcp-east1-gw-on-prem-csr-ike-profile-0 | |
match address local interface GigabitEthernet1 | |
match identity remote any | |
identity local address 3.232.164.133 | |
authentication remote pre-share | |
authentication local pre-share | |
keyring local gcp-east1-gw-on-prem-csr-key-0 | |
lifetime 36000 | |
dpd 60 5 periodic | |
! | |
! | |
! | |
crypto ikev2 profile gcp-east1-gw-on-prem-csr-ike-profile-1 | |
match address local interface GigabitEthernet1 | |
match identity remote any | |
identity local address 3.232.164.133 | |
authentication remote pre-share | |
authentication local pre-share | |
keyring local gcp-east1-gw-on-prem-csr-key-1 | |
lifetime 36000 | |
dpd 60 5 periodic | |
! | |
! | |
! | |
crypto ipsec security-association replay window-size 1024 | |
crypto ipsec transform-set gcp-east1-gw-on-prem-csr-ts esp-aes 256 esp-sha-hmac | |
mode tunnel | |
! | |
! | |
! | |
crypto ipsec profile gcp-east1-gw-on-prem-csr-s-0 | |
set transform-set gcp-east1-gw-on-prem-csr-ts | |
set pfs group16 | |
set ikev2-profile gcp-east1-gw-on-prem-csr-ike-profile-0 | |
! | |
! | |
! | |
crypto ipsec profile gcp-east1-gw-on-prem-csr-s-1 | |
set transform-set gcp-east1-gw-on-prem-csr-ts | |
set pfs group16 | |
set ikev2-profile gcp-east1-gw-on-prem-csr-ike-profile-1 | |
! | |
! | |
! | |
interface Tunnel1000 | |
ip address 169.254.0.2 255.255.255.252 | |
ip mtu 1400 | |
ip tcp adjust-mss 1360 | |
tunnel source GigabitEthernet1 | |
tunnel mode ipsec ipv4 | |
tunnel destination 35.242.15.156 | |
tunnel protection ipsec profile gcp-east1-gw-on-prem-csr-s-0 | |
! | |
! | |
! | |
interface Tunnel2000 | |
ip address 169.254.0.6 255.255.255.252 | |
ip mtu 1400 | |
ip tcp adjust-mss 1360 | |
tunnel source GigabitEthernet1 | |
tunnel mode ipsec ipv4 | |
tunnel destination 35.220.6.163 | |
tunnel protection ipsec profile gcp-east1-gw-on-prem-csr-s-1 | |
! | |
! | |
! | |
router bgp 65513 | |
bgp log-neighbor-changes | |
neighbor 169.254.0.1 remote-as 64512 | |
neighbor 169.254.0.5 remote-as 64512 | |
! | |
address-family ipv4 | |
network 192.168.0.0 mask 255.255.255.0 | |
neighbor 169.254.0.1 activate | |
neighbor 169.254.0.5 activate | |
exit-address-family | |
! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment