Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- R1 KONFIG
- ----------
- crypto isakmp policy 1
- encr aes
- authentication pre-share
- group 2
- crypto isakmp key cisco address 209.165.200.226
- !
- !
- crypto ipsec transform-set TRA esp-aes esp-sha-hmac
- !
- crypto map MAP 10 ipsec-isakmp
- set peer 209.165.200.226
- set transform-set TRA
- match address 101
- !
- !
- !
- !
- !
- !
- !
- interface Tunnel0
- ip address 172.16.100.1 255.255.255.252
- tunnel source Serial0/0
- tunnel destination 209.165.200.226
- !
- interface FastEthernet0/0
- ip address 192.168.1.1 255.255.255.0
- ip nat inside
- ip virtual-reassembly
- duplex auto
- speed auto
- !
- interface Serial0/0
- ip address 209.165.200.242 255.255.255.248
- ip nat outside
- ip virtual-reassembly
- clock rate 2000000
- crypto map MAP
- !
- interface FastEthernet0/1
- no ip address
- shutdown
- duplex auto
- speed auto
- !
- interface Serial0/1
- no ip address
- shutdown
- clock rate 2000000
- !
- router eigrp 1
- network 172.16.100.0 0.0.0.3
- network 192.168.1.0
- no auto-summary
- !
- ip forward-protocol nd
- ip route 0.0.0.0 0.0.0.0 Serial0/0
- !
- !
- no ip http server
- no ip http secure-server
- ip nat inside source list 100 interface Serial0/0 overload
- !
- access-list 100 deny ip 192.168.1.0 0.0.0.255 10.10.0.0 0.0.255.255
- access-list 100 permit ip 192.168.1.0 0.0.0.255 any
- access-list 101 permit gre host 209.165.200.242 host 209.165.200.226
- !
- !
- R2 KONFIG
- ---------
- interface Loopback0
- ip address 100.1.1.1 255.255.255.224
- !
- interface FastEthernet0/0
- no ip address
- shutdown
- duplex auto
- speed auto
- !
- interface Serial0/0
- ip address 209.165.200.241 255.255.255.248
- clock rate 2000000
- !
- interface FastEthernet0/1
- no ip address
- shutdown
- duplex auto
- speed auto
- !
- interface Serial0/1
- ip address 209.165.200.225 255.255.255.248
- clock rate 2000000
- !
- ip forward-protocol nd
- ip route 209.165.200.232 255.255.255.248 Serial0/1
- !
- !
- R3 KONFIG
- ----------
- crypto isakmp policy 1
- encr aes
- authentication pre-share
- group 2
- crypto isakmp key cisco address 209.165.200.242
- !
- !
- crypto ipsec transform-set TRA esp-aes esp-sha-hmac
- !
- crypto map MAP 10 ipsec-isakmp
- set peer 209.165.200.242
- set transform-set TRA
- match address 101
- !
- !
- !
- !
- !
- !
- !
- interface Loopback0
- ip address 10.10.20.1 255.255.255.0
- ip nat inside
- ip virtual-reassembly
- !
- interface Loopback1
- no ip address
- ip nat inside
- ip virtual-reassembly
- !
- interface Tunnel0
- ip address 172.16.100.2 255.255.255.252
- tunnel source Serial0/0
- tunnel destination 209.165.200.242
- !
- interface FastEthernet0/0
- ip address 10.10.10.1 255.255.255.0
- ip nat inside
- ip virtual-reassembly
- duplex auto
- speed auto
- !
- interface Serial0/0
- ip address 209.165.200.226 255.255.255.248
- ip nat outside
- ip virtual-reassembly
- clock rate 2000000
- crypto map MAP
- !
- interface FastEthernet0/1
- no ip address
- shutdown
- duplex auto
- speed auto
- !
- interface Serial0/1
- no ip address
- shutdown
- clock rate 2000000
- !
- router eigrp 1
- network 10.10.0.0 0.0.255.255
- network 172.16.100.0 0.0.0.3
- no auto-summary
- !
- ip forward-protocol nd
- ip route 0.0.0.0 0.0.0.0 Serial0/0
- !
- !
- no ip http server
- no ip http secure-server
- ip nat pool HQ 209.165.200.233 209.165.200.237 prefix-length 29
- ip nat inside source list 100 pool HQ
- ip nat inside source static 10.10.10.238 209.165.200.238
- !
- access-list 100 deny ip 10.10.0.0 0.0.255.255 192.168.1.0 0.0.0.255
- access-list 100 permit ip 10.10.0.0 0.0.255.255 any
- access-list 101 permit gre host 209.165.200.226 host 209.165.200.242
- !
- !
- !
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement