Example for the vpn configuration of cisco

724 views

Published on

Leading Cisco networking products distributor-3network.com
Example for the vpn configuration of cisco

Published in: Technology, Education
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
724
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
29
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Example for the vpn configuration of cisco

  1. 1. Example for the VPN Configuration of Cisco Here is an example for the VPN configuration of Cisco router to green hand. r1(config)#int f0/0 r1(config-if)#ip add 50.50.50.50 255.255.255.0 r1(config-if)#no shu r1(config-if)#int f1/0 r1(config-if)#ip add 20.20.20.20 255.255.255.0 r1(config-if)#no shu r1(config)#ip route 0.0.0.0 0.0.0.0 20.20.20.21 //Do a default route to make the interoperability over whole network r1(config)#crypto isakmp policy 1 r1(config-isakmp)#authentication pre-share //Enable the definition of shared key r1(config-isakmp)#encryption 3des //Use 3DES encryption algorithm r1(config-isakmp)#hash md5 //Use MD5 hash algorithm to Authenticate the key r1(config)#crypto isakmp key 0 123 address 20.20.20.21 //Set the shared key to be 123 and the peer address r1(config)#crypto isakmp transform-set zhao ah-md5-h esp-3des //Transmission mode is zhao, verification is md5 and encryption is 3des r1(config)#accress-list 101 permit ip 50.50.50.0 0.0.0.255 60.60.60.0 0.0.0.255 //Configure ACL r1(config)#crypto map jin 1 ipsec-isakmp //Create crypto map name to be jin r1(config-crypto-map)#set peer 20.20.20.21 //Set the link to the peer IP address r1(config-crypto-map)#set transfrom-set zhao //Set the transmission mode zhao r1(config-crypto-map)#match address 101 //Set application control list 1
  2. 2. r1(config)#int f0/0 r1(config)#crypto map jin //Apply to the interface r2(config)#int f0/0r2(config-if)#ip add 60.60.60.60 255.255.255.0 r2(config-if)#no shu r2(config-if)#int f1/0 r2(config-if)#ip add 20.20.20.21 255.255.255.0 r2(config-if)#no shu r2(config)#ip route 0.0.0.0 0.0.0.0 20.20.20.20 //Do a default route to make the interoperability over whole network r2(config)#crypto isakmp policy 1 r2(config-isakmp)#authentication pre-share //Enable the definition of shared key r2(config-isakmp)#encryption 3des //Use 3DES encryption algorithm r2(config-isakmp)#hash md5 //Use MD5 hash algorithm to Authenticate the key r2(config)#crypto isakmp key 0 123 address 20.20.20.20 //Set the shared key to be 123 and the peer address r2(config)#crypto isakmp transform-set zhao ah-md5-h esp-3des //Transmission mode is zhao, verification is md5 and encryption is 3des r2(config)#accress-list 101 permit ip 60.60.60.0 0.0.0.255 50.50.50.0 0.0.0.255 //Configure ACL r2(config)#crypto map jin 1 ipsec-isakmp //Create crypto map name to be jin r2(config-crypto-map)#set peer 20.20.20.21 //Set the link to the peer IP address r2(config-crypto-map)#set transfrom-set zhao //Set the transmission mode zhao r2(config-crypto-map)#match address 101 //Set application control list r2(config)#int f0/0 r2(config)#crypto map jin vpcs1:ip 50.50.50.48 50.50.50.50 24 vpcs2:ip 50.50.50.49 50.50.50.50 24 vpcs3:ip 60.60.60.48 60.60.60.60 24 vpcs4:ip 60.60.60.49 60.60.60.60 24 Then for the ping test. “Show” is used to see results and the show command will be used as below: View port applications:r1# show crypto map View IKE negotiation:r1# show crypto isakmp policy View Transmission Mode:r1# show crypto ipsec transform-set More related: Cisco Switch 3550 Speed Limits to Interface Enterprise Network Manager: the Router-on-a-Stick Cisco Catalyst 3750-X Series Configurations More Cisco products and Reviews you can visit: http://www.3anetwork.com/blog 2
  3. 3. 3Anetwork.com is a world leading Cisco networking products wholesaler, we wholesale original new Cisco networking equipments, including Cisco Catalyst switches, Cisco routers, Cisco firewalls, Cisco wireless products, Cisco modules and interface cards products at competitive price and ship to worldwide. Our website: http://www.3anetwork.com Telephone: +852-3069-7733 Email: info@3Anetwork.com Address: 23/F Lucky Plaza, 315-321 Lockhart Road, Wanchai, Hongkong 3

×