Scribd Logo
Upload

Welcome to Scribd!

  • Configuração VPN Site To Site

    Uploaded by

    Naady Neves
    5 views6 pages

    Original Title

    Configuração VPN Site to Site

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    5 views6 pages

    Configuração VPN Site To Site

    Uploaded by

    Naady Neves

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 6

    Router A Router(config)#int f0/0 Router(config-if)# ip address 192.168.10.1 255.255.255.0 Router(config-if)#no shut Router(config)#int f0/1 Router(config-if)#ip address 10.0.0.1 255.0.0.

    0 Router(config-if)#no shut Router(config)#router rip Router(config-router)#network 192.168.10.0 Router(config-router)#network 10.0.0.0 Router(config)#crypto isakmp policy 10 Router(config-isakmp)#authentication pre-share Router(config-isakmp)#hash sha Router(config-isakmp)#encryption aes 256 Router(config-isakmp)#group 2 Router(config-isakmp)#lifetime 86400 Router(config)#crypto isakmp key toor address 10.0.0.2 Router(config)#crypto ipsec transform-set TSET esp-aes esp-sha-hmac Router(config)#access-list 101 permit ip 192.168.10.0 0.0.0.255 192.168.20.0 0.0.0.255 Router(config)#crypto map CMAP 10 ipsec-isakmp Router(config-crypto-map)#set peer 10.0.0.2 Router(config-crypto-map)#match address 101 Router(config-crypto-map)#set transform-set TSET Router(config)#int f0/1 Router(config-if)#crypto map CMAP Router(config-if)#do wr

    Router B Router(config)#int f0/0 Router(config-if)#ip address 192.168.20.1 255.255.255.0 Router(config-if)#no shut

    Router(config)#int f0/1 Router(config-if)#ip address 10.0.0.2 255.0.0.0 Router(config-if)#no shut Router(config)#router rip Router(config-router)#network 192.168.20.0 Router(config-router)#network 10.0.0.0 Router(config-router)#version 2 Router(config)#crypto isakmp policy 10 Router(config-isakmp)#authentication pre-share Router(config-isakmp)#hash sha Router(config-isakmp)#encryption aes 256 Router(config-isakmp)#group 2 Router(config-isakmp)#lifetime 86400 Router(config)#crypto isakmp key toor address 10.0.0.1 Router(config)#crypto ipsecc transform-set TSET esp-aes esp-sha-hmac Router(config)#access-list 101 permit ip 192.168.20.0 0.0.0.255 192.168.10.0 0.0.0.255 Router(config)#crypto map CMAP 10 ipsec-isakmp Router(config-crypto-map)#set peer 10.0.0.1 Router(config-crypto-map)#match address 101 Router(config-crypto-map)#set transform-set TSET Router(config)#int f0/1 Router(config-if)#crypto map CMAP Router(config-if)#do wr Router A Router#show crypto isakmp sa IPv4 Crypto ISAKMP SA dst 10.0.0.2 src state conn-id slot status 1027 0 ACTIVE

    10.0.0.1

    QM_IDLE

    Router#show crypto ipsec sa interface: FastEthernet0/1

    Crypto map tag: CMAP, local addr 10.0.0.1

    protected vrf: (none) local ident (addr/mask/prot/port): (192.168.10.0/255.255.255.0/0/0) remote ident (addr/mask/prot/port): (192.168.20.0/255.255.255.0/0/0) current_peer 10.0.0.2 port 500 PERMIT, flags={origin_is_acl,} #pkts encaps: 2, #pkts encrypt: 2, #pkts digest: 0 #pkts decaps: 3, #pkts decrypt: 3, #pkts verify: 0 #pkts compressed: 0, #pkts decompressed: 0 #pkts not compressed: 0, #pkts compr. failed: 0 #pkts not decompressed: 0, #pkts decompress failed: 0 #send errors 0, #recv errors 0

    local crypto endpt.: 10.0.0.1, remote crypto endpt.:10.0.0.2 path mtu 1500, ip mtu 1500, ip mtu idb FastEthernet0/1 current outbound spi: 0x01E40974(31721844)

    inbound esp sas: spi: 0x1E216472(505504882) transform: esp-aes esp-sha-hmac , in use settings ={Tunnel, } conn id: 2002, flow_id: FPGA:1, crypto map: CMAP sa timing: remaining key lifetime (k/sec): (4525504/3467) IV size: 16 bytes replay detection support: N Status: ACTIVE

    inbound ah sas:

    inbound pcp sas:

    outbound esp sas: spi: 0x01E40974(31721844) transform: esp-aes esp-sha-hmac , in use settings ={Tunnel, } conn id: 2003, flow_id: FPGA:1, crypto map: CMAP sa timing: remaining key lifetime (k/sec): (4525504/3467) IV size: 16 bytes replay detection support: N Status: ACTIVE

    Router B Router#show crypto isakmp sa IPv4 Crypto ISAKMP SA dst 10.0.0.1 src state conn-id slot status 1098 0 ACTIVE

    10.0.0.2

    QM_IDLE

    IPv6 Crypto ISAKMP AS

    Router#show crypto ipsec sa

    interface: FastEthernet0/1 Crypto map tag: CMAP, local addr 10.0.0.2

    protected vrf: (none) local ident (addr/mask/prot/port): (192.168.20.0/255.255.255.0/0/0) remote ident (addr/mask/prot/port): (192.168.10.0/255.255.255.0/0/0) current_peer 10.0.0.1 port 500 PERMIT, flags={origin_is_acl,} #pkts encaps: 4, #pkts encrypt: 4, #pkts digest: 0 #pkts decaps: 3, #pkts decrypt: 3, #pkts verify: 0

    #pkts compressed: 0, #pkts decompressed: 0 #pkts not compressed: 0, #pkts compr. failed: 0 #pkts not decompressed: 0, #pkts decompress failed: 0 #send errors 1, #recv errors 0

    local crypto endpt.: 10.0.0.2, remote crypto endpt.:10.0.0.1 path mtu 1500, ip mtu 1500, ip mtu idb FastEthernet0/1 current outbound spi: 0x1E216472(505504882)

    inbound esp sas: spi: 0x01E40974(31721844) transform: esp-aes esp-sha-hmac , in use settings ={Tunnel, } conn id: 2002, flow_id: FPGA:1, crypto map: CMAP sa timing: remaining key lifetime (k/sec): (4525504/3186) IV size: 16 bytes replay detection support: N Status: ACTIVE

    inbound ah sas:

    inbound pcp sas:

    outbound esp sas: spi: 0x1E216472(505504882) transform: esp-aes esp-sha-hmac , in use settings ={Tunnel, } conn id: 2003, flow_id: FPGA:1, crypto map: CMAP sa timing: remaining key lifetime (k/sec): (4525504/3186) IV size: 16 bytes replay detection support: N

    Status: ACTIVE

    You might also like