cisco ipsec over gre ALICO ROUTER

=======================================IP ================
interface FastEthernet0/0
 ip address 172.31.238.9 255.255.255.252
 duplex auto
 speed auto
!
interface FastEthernet0/1
 description BDCOM Connectivity
 ip address 172.31.238.18 255.255.255.252

ip route 0.0.0.0 0.0.0.0 172.31.238.17
ip route 10.40.94.0 255.255.255.0 172.31.238.10
ip route 119.40.81.1 255.255.255.255 172.16.65.1 name BDCOM_IPTSP
ip route 119.40.81.5 255.255.255.255 172.16.65.1 name BDCOM_IPTSP

===================================ipsec ====
R2(config)#crypto isakmp policy 10
R2(config-isakmp)# encr 3des
R2(config-isakmp)# authentication pre-share
R2(config)#crypto ipsec transform-set alico esp-3des esp-sha-hmac

crypto isakmp key 6 test987 address 119.40.80.102
crypto map alico_ipsec 1 ipsec-isakmp
 set peer 119.40.80.102
 set transform-set alico
 match address acl_alico
 exit
ip access-list extended acl_alico
 permit ip host 172.16.65.2 host 172.16.65.1
 permit ip 10.40.94.0 0.0.0.255 host 119.40.81.1
 permit ip 10.40.94.0 0.0.0.255 host 119.40.81.5
 exit

interface Tunnel1
 crypto map alico_ipsec

======================GRE==========

interface Tunnel1
 description tunnel_for_bdcomtoalico
 ip address 172.16.65.2 255.255.255.252
 tunnel source 172.31.238.18
 tunnel destination 119.40.80.102

-------------
no ip http secure-server
snmp-server community access@bdcom RO

User====pass
enable password BDc0m987
Router(config)#line console 0
Router(config-line)#password cisco
Router(config-line)#login
Router(config-line)#exit

Router#config terminal
Router(config)#line vty 0 4
Router(config-line)#password cisco
Router(config-line)#login //// transport input telnet
Router(config-line)#exit

username cisco privilege 7 password 7 XXX
username alico privilege 7 password 7 XXX
username bdcom privilege 15 password 7 BDc0m987
service password-encryption

============

alico#show running-config
Building configuration...

Current configuration : 1842 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname alico
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$YEA9$hN85qpsBylWJ4HbJpBDd4.
!
aaa new-model
!
!
!
!
aaa session-id common
ip cef
!
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
username cisco password 7 070D254F1E04405D40
username alico password 7 080140470A49544641
username bdcom password 7 143536085C09737373
username aminul privilege 15 password 7 121F0C05011F5F577378
!
!
!
crypto isakmp policy 10
 encr 3des
 authentication pre-share
crypto isakmp key 6 test987 address 119.40.80.102
!
!
crypto ipsec transform-set alico esp-3des esp-sha-hmac
!
crypto map alico_ipsec 1 ipsec-isakmp
 set peer 119.40.80.102
 set transform-set alico
 match address acl_alico
!
!
!
!
interface Tunnel1
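
A check for several settings that appear in the listing above, as an added example that is not part of the original notes: a small Python linter that flags 3DES, `enable password`, `username ... password`, an SNMP community with no access-list, and telnet on the vty lines. The rule set, the function name `audit` and the sample config are assumptions made here; the sample is constructed and uses placeholder names and secrets.

```python
import re

# Constructed sample modelled on the listing above; every name, key and hash is a placeholder.
SAMPLE = """\
enable password EXAMPLE-ONLY
username demo privilege 15 password 7 0000000000
username ops secret 5 $1$xxxx$placeholder
R2(config)#crypto isakmp policy 10
R2(config-isakmp)# encr 3des
crypto ipsec transform-set ts1 esp-3des esp-sha-hmac
crypto ipsec transform-set ts2 esp-aes 256 esp-sha-hmac
snmp-server community EXAMPLE RO
snmp-server community EXAMPLE2 RO 10
line vty 0 4
 transport input telnet
 transport input ssh
"""

# (rule id, pattern matched against one config line, reason the line is flagged)
RULES = [
    ("3des", re.compile(r"^(encr(yption)?\s+3des\b|crypto ipsec transform-set\s+\S+.*\besp-3des\b)"),
     "3DES is a legacy cipher; IOS also offers AES (encr aes, esp-aes)"),
    ("enable-password", re.compile(r"^enable password\b"),
     "enable password is stored in clear or as type 7; enable secret stores a hash"),
    ("type7-user", re.compile(r"^username\s+\S+\s+(privilege\s+\d+\s+)?password\b"),
     "username ... password is clear or type 7 (reversible); use username ... secret"),
    ("snmp-no-acl", re.compile(r"^snmp-server community\s+\S+(\s+view\s+\S+)?(\s+(RO|RW))?\s*$", re.I),
     "SNMP community has no access-list limiting which hosts may query"),
    ("telnet", re.compile(r"^transport input\b.*\b(telnet|all)\b"),
     "telnet carries logins in clear text; prefer transport input ssh"),
]

# Notes such as the listing above mix raw config with pasted prompts, e.g. "R2(config-isakmp)# ".
PROMPT = re.compile(r"^\S+\(config[^)]*\)#\s*")

def audit(config_text):
    """Return (line number, rule id, reason) for every flagged line."""
    findings = []
    for lineno, raw in enumerate(config_text.splitlines(), start=1):
        line = PROMPT.sub("", raw.strip())
        for rule_id, pattern, reason in RULES:
            if pattern.search(line):
                findings.append((lineno, rule_id, reason))
    return findings

if __name__ == "__main__":
    for lineno, rule_id, reason in audit(SAMPLE):
        print(f"line {lineno}: [{rule_id}] {reason}")
```
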