Created
June 9, 2022 19:11
-
-
Save rtrentin73/bd3b31b3fe7e1009d1d0859a5d74179d to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
crypto ikev2 proposal gcp-central1-gw-on-prem-csr-proposal | |
encryption aes-cbc-256 aes-cbc-192 aes-cbc-128 | |
integrity sha256 | |
group 16 | |
! | |
crypto ikev2 policy gcp-central1-gw-on-prem-csr-policy | |
proposal gcp-central1-gw-on-prem-csr-proposal | |
! | |
crypto ikev2 keyring gcp-central1-gw-on-prem-csr-key-0 | |
peer gcp-central1-gw-interface-0 | |
address 34.157.85.35 | |
pre-shared-key avtx2019! | |
! | |
! | |
! | |
crypto ikev2 keyring gcp-central1-gw-on-prem-csr-key-1 | |
peer gcp-central1-gw-interface-1 | |
address 34.157.234.125 | |
pre-shared-key avtx2019! | |
! | |
! | |
crypto ikev2 keyring gcp-east1-gw-on-prem-csr-key-0 | |
peer gcp-east1-gw-interface-0 | |
address 35.242.15.148 | |
pre-shared-key avtx2019! | |
! | |
! | |
! | |
crypto ikev2 keyring gcp-east1-gw-on-prem-csr-key-1 | |
peer gcp-east1-gw-interface-1 | |
address 35.220.14.42 | |
pre-shared-key avtx2019! | |
! | |
crypto ikev2 profile gcp-central1-gw-on-prem-csr-ike-profile-0 | |
match address local interface GigabitEthernet1 | |
match identity remote any | |
identity local address 3.90.227.24 | |
authentication remote pre-share | |
authentication local pre-share | |
keyring local gcp-central1-gw-on-prem-csr-key-0 | |
lifetime 36000 | |
dpd 60 5 periodic | |
! | |
! | |
! | |
crypto ikev2 profile gcp-central1-gw-on-prem-csr-ike-profile-1 | |
match address local interface GigabitEthernet1 | |
match identity remote any | |
identity local address 3.90.227.24 | |
authentication remote pre-share | |
authentication local pre-share | |
keyring local gcp-central1-gw-on-prem-csr-key-1 | |
lifetime 36000 | |
dpd 60 5 periodic | |
! | |
! | |
crypto ikev2 profile gcp-east1-gw-on-prem-csr-ike-profile-0 | |
match address local interface GigabitEthernet1 | |
match identity remote any | |
identity local address 3.90.227.24 | |
authentication remote pre-share | |
authentication local pre-share | |
keyring local gcp-east1-gw-on-prem-csr-key-0 | |
lifetime 36000 | |
dpd 60 5 periodic | |
! | |
! | |
! | |
crypto ikev2 profile gcp-east1-gw-on-prem-csr-ike-profile-1 | |
match address local interface GigabitEthernet1 | |
match identity remote any | |
identity local address 3.90.227.24 | |
authentication remote pre-share | |
authentication local pre-share | |
keyring local gcp-east1-gw-on-prem-csr-key-1 | |
lifetime 36000 | |
dpd 60 5 periodic | |
! | |
crypto ipsec security-association replay window-size 1024 | |
crypto ipsec transform-set gcp-central1-gw-on-prem-csr-ts esp-aes 256 esp-sha-hmac | |
mode tunnel | |
! | |
! | |
crypto ipsec security-association replay window-size 1024 | |
crypto ipsec transform-set gcp-east1-gw-on-prem-csr-ts esp-aes 256 esp-sha-hmac | |
mode tunnel | |
! | |
crypto ipsec profile gcp-central1-gw-on-prem-csr-s-0 | |
set transform-set gcp-central1-gw-on-prem-csr-ts | |
set pfs group16 | |
set ikev2-profile gcp-central1-gw-on-prem-csr-ike-profile-0 | |
! | |
! | |
! | |
crypto ipsec profile gcp-central1-gw-on-prem-csr-s-1 | |
set transform-set gcp-central1-gw-on-prem-csr-ts | |
set pfs group16 | |
set ikev2-profile gcp-central1-gw-on-prem-csr-ike-profile-1 | |
! | |
! | |
crypto ipsec profile gcp-east1-gw-on-prem-csr-s-0 | |
set transform-set gcp-east1-gw-on-prem-csr-ts | |
set pfs group16 | |
set ikev2-profile gcp-east1-gw-on-prem-csr-ike-profile-0 | |
! | |
! | |
! | |
crypto ipsec profile gcp-east1-gw-on-prem-csr-s-1 | |
set transform-set gcp-east1-gw-on-prem-csr-ts | |
set pfs group16 | |
set ikev2-profile gcp-east1-gw-on-prem-csr-ike-profile-1 | |
! | |
interface Tunnel1000 | |
ip address 169.254.175.198 255.255.255.252 | |
ip mtu 1400 | |
ip tcp adjust-mss 1360 | |
tunnel source GigabitEthernet1 | |
tunnel mode ipsec ipv4 | |
tunnel destination 34.157.85.35 | |
tunnel protection ipsec profile gcp-central1-gw-on-prem-csr-s-0 | |
! | |
! | |
! | |
interface Tunnel2000 | |
ip address 169.254.243.238 255.255.255.252 | |
ip mtu 1400 | |
ip tcp adjust-mss 1360 | |
tunnel source GigabitEthernet1 | |
tunnel mode ipsec ipv4 | |
tunnel destination 34.157.234.125 | |
tunnel protection ipsec profile gcp-central1-gw-on-prem-csr-s-1 | |
! | |
! | |
interface Tunnel3000 | |
ip address 169.254.121.142 255.255.255.252 | |
ip mtu 1400 | |
ip tcp adjust-mss 1360 | |
tunnel source GigabitEthernet1 | |
tunnel mode ipsec ipv4 | |
tunnel destination 35.242.15.148 | |
tunnel protection ipsec profile gcp-east1-gw-on-prem-csr-s-0 | |
! | |
! | |
! | |
interface Tunnel4000 | |
ip address 169.254.131.50 255.255.255.252 | |
ip mtu 1400 | |
ip tcp adjust-mss 1360 | |
tunnel source GigabitEthernet1 | |
tunnel mode ipsec ipv4 | |
tunnel destination 35.220.14.42 | |
tunnel protection ipsec profile gcp-east1-gw-on-prem-csr-s-1 | |
! | |
! | |
router bgp 65501 | |
bgp log-neighbor-changes | |
neighbor 169.254.175.197 remote-as 64512 | |
neighbor 169.254.243.237 remote-as 64512 | |
neighbor 169.254.121.141 remote-as 64512 | |
neighbor 169.254.131.49 remote-as 64512 | |
! | |
address-family ipv4 | |
network 192.168.0.0 mask 255.255.255.0 | |
neighbor 169.254.32.97 activate | |
neighbor 169.254.243.237 activate | |
neighbor 169.254.121.141 activate | |
neighbor 169.254.131.49 activate | |
exit-address-family | |
! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment