ipsec_over_gre
- cisco ipsec over gre ALICO ROUTER
- =======================================IP ================
- interface FastEthernet0/0
- ip address 172.31.238.9 255.255.255.252
- duplex auto
- speed auto
- !
- interface FastEthernet0/1
- description BDCOM Connectivity
- ip address 172.31.238.18 255.255.255.252
- ip route 0.0.0.0 0.0.0.0 172.31.238.17
- ip route 10.40.94.0 255.255.255.0 172.31.238.10
- ip route 119.40.81.1 255.255.255.255 172.16.65.1 name BDCOM_IPTSP
- ip route 119.40.81.5 255.255.255.255 172.16.65.1 name BDCOM_IPTSP
- ===================================ipsec ====
- R2(config)#crypto isakmp policy 10
- R2(config)#crypto ipsec transform-set alico esp-3des esp-sha-hmac
- R2(config-isakmp)# encr 3des
- crypto isakmp key 6 test987 address 119.40.80.102
- crypto map alico_ipsec 1 ipsec-isakmp
- set peer 119.40.80.102
- set transform-set alico
- match address acl_alico
- exit
- ip access-list extended acl_alico
- permit ip host 172.16.65.2 host 172.16.65.1
- permit ip 10.40.94.0 0.0.0.255 host 119.40.81.1
- permit ip 10.40.94.0 0.0.0.255 host 119.40.81.5
- exit
- interface Tunnel1
- crypto map alico_ipsec
- ======================GRE==========
- interface Tunnel1
- description tunnel_for_bdcomtoalico
- ip address 172.16.65.2 255.255.255.252
- tunnel source 172.31.238.18
- tunnel destination 119.40.80.102
- ————-
- no ip http secure-server
- snmp-server community access@bdcom RO
- User====pass
- enable password BDc0m987
- Router(config)#line console 0
- Router(config-line)#password cisco
- Router(config-line)#login
- Router(config-line)#exit
- Router#config terminal
- Router(config)#line vty 0 4
- Router(config-line)#password cisco
- Router(config-line)#login transport input telnet
- Router(config-line)#exit
- username cisco privilege 7 password 7 XXX
- username alico privilege 7 password 7 XXX
- username bdcom privilege 15 password 7 BDc0m987
- service password-encryption
- ============
- alico#show running-config
- Building configuration…
- Current configuration : 1842 bytes
- !
- version 12.4
- service timestamps debug datetime msec
- service timestamps log datetime msec
- service password-encryption
- !
- hostname alico
- !
- boot-start-marker
- boot-end-marker
- !
- enable secret 5 $1$YEA9$hN85qpsBylWJ4HbJpBDd4.
- !
- aaa new-model
- !
- !
- !
- !
- aaa session-id common
- ip cef
- !
- !
- !
- !
- !
- multilink bundle-name authenticated
- !
- !
- !
- !
- username cisco password 7 070D254F1E04405D40
- username alico password 7 080140470A49544641
- username bdcom password 7 143536085C09737373
- username aminul privilege 15 password 7 121F0C05011F5F577378
- !
- !
- !
- crypto isakmp policy 10
- encr 3des
- authentication pre-share
- crypto isakmp key 6 test987 address 119.40.80.102
- !
- !
- crypto ipsec transform-set alico esp-3des esp-sha-hmac
- !
- crypto map alico_ipsec 1 ipsec-isakmp
- set peer 119.40.80.102
- set transform-set alico
- match address acl_alico
- !
- !
- !
- !
- interface Tunnel1
ipsec_over_gre.txt · Last modified: 2023/03/06 11:31 by 127.0.0.1