Minggu, 20 Mei 2012

konfigurasi vpn GRE IPSEC:

konfigurasi vpn GRE IPSEC:
R1
no logging console
int s0/0
no shutdown
ip address 12.34.56.2 255.255.255.0
exit
int fe1/0
no shutdown
ip address 192.168.1.1 255.255.255.0
exit
int tunnel 0
desc gre tunnel to router R2
ip address 192.168.200.1 255.255.255.0
tunnel source 12.34.56.2
tunnel destination 23.45.67.2
ip mtu 1500
ip tcp adjust-mss 1400
keepalive
exit
int tunnel 1
desc gre tunnel to router R3
ip address 192.168.201.1 255.255.255.0
tunnel source 12.34.56.2
tunnel destination 34.56.78.2
ip mtu 1500
ip tcp adjust-mss 1400
keepalive
exit
router eigrp 100
no auto-summary
network 192.168.1.0
network 192.168.200.0
network 192.168.201.0
exit
ip route 0.0.0.0 0.0.0.0 12.34.56.1
crypto isakmp policy 1
authentication pre-share
group 5
encryption aes
hash sha
exit
crypto isakmp key 4zukkh3d3l address 23.45.67.2
crypto isakmp key 4zukkh3d3l address 34.56.78.2
crypto ipsec transform-set aes-sha esp-aes esp-sha-hmac
access-list 101 permit gre host 12.34.56.2 host 23.45.67.2
access-list 102 permit gre host 12.34.56.2 host 34.56.78.2
crypto map vpn 10 ipsec-isakmp
desc vpn from r1 to r2
set peer 23.45.67.2
set transform-set aes-sha
match address 101
crypto map vpn 11 ipsec-isakmp
desc vpn from r1 to r3
set peer 34.56.78.2
set transform-set aes-sha
match address 102
int s0/0
crypto map vpn
R2
int s0/0
no shutdown
ip address 23.45.67.2 255.255.255.0
int fe1/0
no shutdown
ip address 192.168.2.1 255.255.255.0
int tunnel 0
desc gre tunnel to router R1
ip address 192.168.200.2 255.255.255.0
tunnel source 23.45.67.2(ip serial R2 yg terkoneksi ke internet)
tunnel destination 12.34.56.2(ip serial R1 yang terkoneksi ke internet)
ip mtu 1500
ip tcp adjust-mss 1400
keepalive
router eigrp 100
no auto-summary
network 192.168.2.0
network 192.168.200.0
ip route 0.0.0.0 0.0.0.0 23.45.67.1
crypto isakmp policy 1
authentication pre-share
group 5
encryption aes
hash sha
exit
crypto isakmp key 4zukkh3d3l address 12.34.56.2
crypto ipsec transform-set aes-sha esp-aes esp-sha-hmac
access-list 100 permit gre host 23.45.67.2 host 12.34.56.2
crypto map vpn 10 ipsec-isakmp
desc vpn from r2 to r1
set peer 12.34.56.2
set transform-set aes-sha
match address 100
exit
int s0/0
crypto map vpn
exit
R3
int s0/0
no shutdown
ip address 34.56.78.2 255.255.255.0
exit
int fe1/0
no shutdown
ip address 192.168.2.1 255.255.255.0
exit
int tunnel 0
desc gre tunnel to router R1
ip address 192.168.201.2 255.255.255.0
tunnel source 34.56.78.2(ip serial R3 yg terkoneksi ke internet)
tunnel destination 12.34.56.2(ip serial R1 yang terkoneksi ke internet)
ip mtu 1500
ip tcp adjust-mss 1400
keepalive
exit
router eigrp 100
no auto-summary
network 192.168.2.0
network 192.168.200.0
exit
ip route 0.0.0.0 0.0.0.0 34.56.78.1
crypto isakmp policy 1
authentication pre-share
group 5
encryption aes
hash sha
exit
crypto isakmp key 0 4zukkh3d3l address 12.34.56.2
crypto ipsec transform-set aes-sha esp-aes esp-sha-hmac
access-list 103 permit gre host 34.56.78.2 host 12.34.56.2
crypto map vpn 10 ipsec-isakmp
desc vpn from r3 to r1
set peer 12.34.56.2
set transform-set aes-sha
match address 103
exit
int s0/0
crypto map vpn
exit
Diposting oleh di 20.14

Tidak ada komentar:

Posting Komentar

Komentarnya mana
readbud - get paid to read and rate articles