DVTI
ping 25.0.0.2
ping 35.0.0.3
ping 45.0.0.4
show run | section crypto
conf t
crypto isakmp policy 1
encr aes 192
authentication pre-share
group 5
exit
crypto keyring OUR-PSKs
pre-shared-key address 0.0.0.0 key cisco123
exit
crypto ipsec transform-set OUR-SET esp-aes 128 esp-md5-hmac
exit
crypto ipsec profile OUR-IPsec-PROFILE
set transform-set OUR-SET
exit
interface virtual-template 1 type tunnel
ip unnumbered loop 0
tunnel mode ipsec ipv4
tunnel protection ipsec profile OUR-IPsec-PROFILE
exit
crypto isakmp profile OUR-IKE-PROFILE
match identity address 25.0.0.2 255.255.255.255
match identity address 0.0.0.0
virtual-template 1
keyring OUR-PSKs
exit
router eigrp 777
no auto-summary
network 1.0.0.0
network 10.0.0.0
end
! R2-R4
conf t
crypto isakmp policy 1
encr aes 192
authentication pre-share
group 5
exit
crypto isakmp key cisco123 address 0.0.0.0
crypto ipsec transform-set OUR-SET esp-aes 128 esp-md5-hmac
exit
crypto ipsec profile OUR-IPsec-PROFILE
set transform-set OUR-SET
exit
interface tunnel 2
tunnel mode ipsec ipv4
ip unnumbered loopback 0
tunnel source serial 1/0
tunnel destination 15.0.0.1
tunnel protection ipsec profile OUR-IPsec-PROFILE
exit
router eigrp 777
no auto-summary
! Note: only need to include networks local to the router you are working on
network 2.0.0.0
network 3.0.0.0
network 4.0.0.0
network 10.0.0.0
end
! R1
show crypto isakmp sa
show ip int brief | exclude unassigned
show crypto engine connections active
! R2
show ip route eigrp
ping 10.3.3.3 source 10.2.2.2
traceroute 10.3.3.3
No comments:
Post a Comment