[RouterA]ipsec policy map1 10 manual[RouterA-ipsec-policy-manual-map1-10]security acl 3101[RouterA-ipsec-policy-manual-map1-10]proposal tran1[RouterA-ipsec-policy-manual-map1-10]tunnel remote 2.1.1.1[RouterA-ipsec-policy-manual-map1-10]tunnel local 1.1.1.1[RouterA-ipsec-policy-manual-map...
ipsec policy map1 10 manual security acl 3000 proposal tran1 tunnel local 1.1.5.1 tunnel remote 1.1.3.1 sa spi inbound esp 87654321//inbound和outbound镜像对应 sa string-key inbound esp gfedcba//inbound和outbound镜像对应 sa spi outbound esp 12345678//inbound和outbound镜像对应 sa string-key out...
[SwitchA] ipsec policy map1 10 manual # 指定引用ACL 3101。 [SwitchA-ipsec-policy-manual-map1-10] security acl 3101 # 指定引用的IPsec安全提议为tran1。 [SwitchA-ipsec-policy-manual-map1-10] transform-set tran1 # 指定IPsec隧道对端IP地址为2.2.3.1。 [SwitchA-ipsec-policy-manual-map1-10]...
[RouterA] ipsec policy map1 10 manual # 指定引用ACL 3101。 [RouterA-ipsec-policy-manual-map1-10] security acl 3101 # 指定引用的IPsec安全提议为tran1。 [RouterA-ipsec-policy-manual-map1-10] transform-set tran1 # 指定IPsec隧道对端IP地址为2.2.3.1。 [RouterA-ipsec-policy-manual-map1-10]...
# Manually create an IPSec policy on RouterA. [RouterA] ipsec policy map1 10 manual [RouterA-ipsec-policy-manual-map1-10] security acl 3101 [RouterA-ipsec-policy-manual-map1-10] proposal tran1 [RouterA-ipsec-policy-manual-map1-10] tunnel remote 2.1.1.1 [RouterA-ipsec-...
ipsec policy map2 10 manual //指定引用的IPsec安全提议为tran1 transform-set tran1 //指定引用ACL 3401 security acl 3401 //指定IPsec隧道对端IP地址为13.1.1.3 remote-address 13.1.1.3 //配置ESP协议的出方向SPI为12345,入方向SPI为54321。SA由一个三元组来唯一标识,这个三元组包括SPI(Security Parameter ...
#创建一条IKE协商方式的IPsec安全策略,名称为map1,序列号为10。 [RouterA] ipsec policy map1 10 isakmp #指定引用ACL 3101。 [RouterA-ipsec-policy-isakmp-map1-10] security acl 3101 #指定引用的安全提议为tran1。 [RouterA-ipsec-policy-isakmp-map1-10] transform-set tran1 ...
Serial4/0192.168.1.2YESmanual up up Serial4/1192.168.2.2YESmanual up up 在SITE-A-ROUTER 1 和 2 上配置通往R3 的默认路由 代码语言:javascript 代码运行次数:0 运行 AI代码解释 SITE-A-ROUTER(config)#ip route0.0.0.00.0.0.0serial4/0SITE-A-ROUTER(config)#endSITE-B-ROUTER(config)#ip route0.0....
crypto map mymap 65535 ipsec-isakmp dynamic dyn ! interface fastethernet0/0 ip address dhcp crypto map secure_b Router B crypto isakmp policy 10 encr aes authentication pre-share group 2 ! ip access-list extended crypto-ACL permit ip 192.168.20.0 0.0.0.255 192.168.10.0 0.0.0.255 ...
Policy-based VPNs allow traffic to be directed to a VPN on a policy-by-policy basis, including the ability to match traffic based on the source IP, destination IP, application, and respective to- and from-zones. When using policy-based VPNs, the action of “Tunnel” is used, which ...