R1tunnel1# show config
# RT105e Rev.6.03.28 (Thu Jul 24 16:44:14 2003)
# MAC Address : 00:a0:de:17:99:ec, 00:a0:de:17:99:ed
# Memory 16Mbytes, 2LAN
administrator password *
security class 1 on on
console prompt R1
ip lan1 address 1.1.1.2/24
ip lan1 ospf area backbone
ip lan2 address 1.1.2.1/24
ip lan2 ospf area backbone
ip lan2 nat descriptor 1
tunnel select 1
ipsec tunnel 101
tunnel enable 1
ip route 1.1.4.0/24 gateway tunnel 1
nat descriptor type 1 nat
nat descriptor address outer 1 1.1.2.1-1.1.2.10
nat descriptor address inner 1 1.1.1.1-1.1.1.10
ospf use on
ospf router id 1.1.2.1
ospf area backbone
ipsec auto refresh on
ipsec ike duration ipsec-sa 1 24000
ipsec ike duration isakmp-sa 1 24000
ipsec ike local address 1 1.1.2.1
ipsec ike pre-shared-key 1 text himitsu
ipsec ike remote address 1 1.1.3.2
ipsec sa policy 101 1 esp des-cbc
R1tunnel1#
R2# show config
# RT105e Rev.6.03.28 (Thu Jul 24 16:44:14 2003)
# MAC Address : 00:a0:de:16:86:65, 00:a0:de:16:86:66
# Memory 16Mbytes, 2LAN
administrator password *
security class 1 on on
console prompt R2
ip lan1 address 1.1.3.2/24
ip lan1 ospf area backbone
ip lan2 address 1.1.4.1/24
ip lan2 ospf area backbone
tunnel select 1
ipsec tunnel 101
tunnel enable 1
ip route default gateway tunnel 1 filter 1
ip route 1.1.1.0/24 gateway tunnel 1
ip filter 1 pass 1.1.4.1-1.1.4.10 *
ospf use on
ospf router id 1.1.3.2
ospf area backbone
ipsec auto refresh on
ipsec ike duration ipsec-sa 1 24000
ipsec ike duration isakmp-sa 1 24000
ipsec ike local address 1 1.1.3.2
ipsec ike pre-shared-key 1 text himitsu
ipsec ike remote address 1 1.1.2.1
ipsec sa policy 101 1 esp des-cbc
R2#
R3#show running-config
Building configuration...
Current configuration : 1011 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
enable password cisco
!
ip subnet-zero
ip cef
!
!
no ip domain-lookup
!
!
!
!
interface Loopback0
ip address 1.1.1.10 255.255.255.255
!
interface Loopback1
ip address 1.1.1.11 255.255.255.255
!
interface Loopback2
ip address 1.1.1.12 255.255.255.255
!
interface Loopback3
ip address 1.1.1.13 255.255.255.255
!
interface Loopback4
ip address 1.1.1.14 255.255.255.255
!
interface Loopback5
ip address 1.1.1.15 255.255.255.255
!
interface Ethernet0/0
ip address 1.1.2.3 255.255.255.0
half-duplex
!
interface Ethernet0/1
ip address 1.1.3.3 255.255.255.0
half-duplex
!
router ospf 1
log-adjacency-changes
network 1.1.1.13 0.0.0.0 area 0
network 1.1.1.14 0.0.0.0 area 0
network 1.1.1.15 0.0.0.0 area 0
network 1.1.2.3 0.0.0.0 area 0
network 1.1.3.3 0.0.0.0 area 0
!
ip classless
ip http server
!
!
line con 0
line aux 0
line vty 0 4
password cisco
login
!
end
0 件のコメント:
コメントを投稿