Advertisement
Guest User

Untitled

a guest
Jan 16th, 2013
77
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.46 KB | None | 0 0
  1. R1 KONFIG
  2. ----------
  3. crypto isakmp policy 1
  4. encr aes
  5. authentication pre-share
  6. group 2
  7. crypto isakmp key cisco address 209.165.200.226
  8. !
  9. !
  10. crypto ipsec transform-set TRA esp-aes esp-sha-hmac
  11. !
  12. crypto map MAP 10 ipsec-isakmp
  13. set peer 209.165.200.226
  14. set transform-set TRA
  15. match address 101
  16. !
  17. !
  18. !
  19. !
  20. !
  21. !
  22. !
  23. interface Tunnel0
  24. ip address 172.16.100.1 255.255.255.252
  25. tunnel source Serial0/0
  26. tunnel destination 209.165.200.226
  27. !
  28. interface FastEthernet0/0
  29. ip address 192.168.1.1 255.255.255.0
  30. ip nat inside
  31. ip virtual-reassembly
  32. duplex auto
  33. speed auto
  34. !
  35. interface Serial0/0
  36. ip address 209.165.200.242 255.255.255.248
  37. ip nat outside
  38. ip virtual-reassembly
  39. clock rate 2000000
  40. crypto map MAP
  41. !
  42. interface FastEthernet0/1
  43. no ip address
  44. shutdown
  45. duplex auto
  46. speed auto
  47. !
  48. interface Serial0/1
  49. no ip address
  50. shutdown
  51. clock rate 2000000
  52. !
  53. router eigrp 1
  54. network 172.16.100.0 0.0.0.3
  55. network 192.168.1.0
  56. no auto-summary
  57. !
  58. ip forward-protocol nd
  59. ip route 0.0.0.0 0.0.0.0 Serial0/0
  60. !
  61. !
  62. no ip http server
  63. no ip http secure-server
  64. ip nat inside source list 100 interface Serial0/0 overload
  65. !
  66. access-list 100 deny ip 192.168.1.0 0.0.0.255 10.10.0.0 0.0.255.255
  67. access-list 100 permit ip 192.168.1.0 0.0.0.255 any
  68. access-list 101 permit gre host 209.165.200.242 host 209.165.200.226
  69. !
  70. !
  71.  
  72. R2 KONFIG
  73. ---------
  74. interface Loopback0
  75. ip address 100.1.1.1 255.255.255.224
  76. !
  77. interface FastEthernet0/0
  78. no ip address
  79. shutdown
  80. duplex auto
  81. speed auto
  82. !
  83. interface Serial0/0
  84. ip address 209.165.200.241 255.255.255.248
  85. clock rate 2000000
  86. !
  87. interface FastEthernet0/1
  88. no ip address
  89. shutdown
  90. duplex auto
  91. speed auto
  92. !
  93. interface Serial0/1
  94. ip address 209.165.200.225 255.255.255.248
  95. clock rate 2000000
  96. !
  97. ip forward-protocol nd
  98. ip route 209.165.200.232 255.255.255.248 Serial0/1
  99. !
  100. !
  101.  
  102. R3 KONFIG
  103. ----------
  104. crypto isakmp policy 1
  105. encr aes
  106. authentication pre-share
  107. group 2
  108. crypto isakmp key cisco address 209.165.200.242
  109. !
  110. !
  111. crypto ipsec transform-set TRA esp-aes esp-sha-hmac
  112. !
  113. crypto map MAP 10 ipsec-isakmp
  114. set peer 209.165.200.242
  115. set transform-set TRA
  116. match address 101
  117. !
  118. !
  119. !
  120. !
  121. !
  122. !
  123. !
  124. interface Loopback0
  125. ip address 10.10.20.1 255.255.255.0
  126. ip nat inside
  127. ip virtual-reassembly
  128. !
  129. interface Loopback1
  130. no ip address
  131. ip nat inside
  132. ip virtual-reassembly
  133. !
  134. interface Tunnel0
  135. ip address 172.16.100.2 255.255.255.252
  136. tunnel source Serial0/0
  137. tunnel destination 209.165.200.242
  138. !
  139. interface FastEthernet0/0
  140. ip address 10.10.10.1 255.255.255.0
  141. ip nat inside
  142. ip virtual-reassembly
  143. duplex auto
  144. speed auto
  145. !
  146. interface Serial0/0
  147. ip address 209.165.200.226 255.255.255.248
  148. ip nat outside
  149. ip virtual-reassembly
  150. clock rate 2000000
  151. crypto map MAP
  152. !
  153. interface FastEthernet0/1
  154. no ip address
  155. shutdown
  156. duplex auto
  157. speed auto
  158. !
  159. interface Serial0/1
  160. no ip address
  161. shutdown
  162. clock rate 2000000
  163. !
  164. router eigrp 1
  165. network 10.10.0.0 0.0.255.255
  166. network 172.16.100.0 0.0.0.3
  167. no auto-summary
  168. !
  169. ip forward-protocol nd
  170. ip route 0.0.0.0 0.0.0.0 Serial0/0
  171. !
  172. !
  173. no ip http server
  174. no ip http secure-server
  175. ip nat pool HQ 209.165.200.233 209.165.200.237 prefix-length 29
  176. ip nat inside source list 100 pool HQ
  177. ip nat inside source static 10.10.10.238 209.165.200.238
  178. !
  179. access-list 100 deny ip 10.10.0.0 0.0.255.255 192.168.1.0 0.0.0.255
  180. access-list 100 permit ip 10.10.0.0 0.0.255.255 any
  181. access-list 101 permit gre host 209.165.200.226 host 209.165.200.242
  182. !
  183. !
  184. !
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement