您好,登录后才能下订单哦!
密码登录
登录注册
点击 登录注册 即表示同意《亿速云用户服务条款》
拓扑图:![[简简单单]神州数码防火墙与路由器实现IPSec](https://cache.yisu.com/upload/information/20200217/69/5533.jpg)
一、R2的配置
接口配置
interface FastEthernet0/0**
ip address 10.135.101.254 255.255.255.0
interface GigaEthernet0/3**
ip address 11.1.1.2 255.255.255.252
crypto map VP1隧道配置
crypto isakmp key 12345 11.1.1.1 255.255.255.255
!
crypto isakmp policy 1
group 2
hash md5
!
crypto ipsec transform-set p2
transform-type esp-des esp-md5-hmac
!
crypto map VP1 0 ipsec-isakmp
set peer 11.1.1.1
set pfs group2
set transform-set p2
match address vpacl
感兴趣的流量配置
ip access-list extended vpacl
permit ip 10.135.101.0 255.255.255.0 192.168.1.0 255.255.255.0
二、FW1的配置
![[简简单单]神州数码防火墙与路由器实现IPSec](https://cache.yisu.com/upload/information/20200217/69/5536.jpg)
![[简简单单]神州数码防火墙与路由器实现IPSec](https://cache.yisu.com/upload/information/20200217/69/5538.jpg)
![[简简单单]神州数码防火墙与路由器实现IPSec](https://cache.yisu.com/upload/information/20200217/69/5540.jpg)
![[简简单单]神州数码防火墙与路由器实现IPSec](https://cache.yisu.com/upload/information/20200217/69/5546.jpg)
![[简简单单]神州数码防火墙与路由器实现IPSec](https://cache.yisu.com/upload/information/20200217/69/5549.jpg)
![[简简单单]神州数码防火墙与路由器实现IPSec](https://cache.yisu.com/upload/information/20200217/69/5552.jpg)
![[简简单单]神州数码防火墙与路由器实现IPSec](https://cache.yisu.com/upload/information/20200217/69/5557.jpg)
![[简简单单]神州数码防火墙与路由器实现IPSec](https://cache.yisu.com/upload/information/20200217/69/5559.jpg)
三、在FW1或R2内ping对端内网网关,触发隧道,连通之后状态如下:
![[简简单单]神州数码防火墙与路由器实现IPSec](https://cache.yisu.com/upload/information/20200217/69/5563.jpg)
![[简简单单]神州数码防火墙与路由器实现IPSec](https://cache.yisu.com/upload/information/20200217/69/5564.jpg)
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。