Configuration Guide 7. IPSec Tunneling
Version 7.2 47 Security Setup
Configuration of MSBR-86 is as follows:
configure data
access-list IPSEC permit gre any any
access-list ALL_BUT_IPSEC deny gre any any
access-list ALL_BUT_IPSEC permit ip any any
crypto isakmp policy 1
encr aes 256
authentication rsa-sig
hash sha
group 5
lifetime 3600
exit
crypto ipsec transform-set crypto_set esp-aes 256 esp-sha-hmac
mode tunnel
exit
crypto map MAP1 1 ipsec-isakmp
set peer 10.31.2.31
set transform-set crypto_set
set security-association lifetime seconds 3600
match address IPSEC
set default-route
exit
interface GigabitEthernet 0/0
ip address 10.4.2.86 255.255.255.0
mtu auto
desc "WAN Copper"
no ipv6 enable
speed auto
duplex auto
no service dhcp
ip dns server auto
no napt
crypto map MAP1
firewall enable
no shutdown
exit
interface VLAN 1
ip address 192.168.100.1 255.255.255.0
mtu auto
desc "LAN switch VLAN 1"
no ipv6 enable
no service dhcp
ip dns server static
ip name-server 1.1.1.1 8.8.8.8
no napt
no firewall enable
no link-state monitor
no shutdown
exit
interface GRE 2
ip address 16.0.0.1 255.255.255.252
To Next Page
Loading...
