Professional Documents
Culture Documents
R1
int l1
ip add 192.168.101.1 255.255.255.0
no shutdown
int s1/0
no shutdown
ip add 101.1.1.100 255.255.255.0
no shutdown
ip route 0.0.0.0 0.0.0.0 101.1.1.1
ISP
interface serial 0/0
no shutdown
ip add 101.1.1.1 255.255.255.0
no shutdown
int s0/1
no shutdown
ip add 102.1.1.1 255.255.255.0
no shutdown
R2
int l1
ip add 192.168.102.1 255.255.255.0
no shutdown
int s1/0
no shutdown
ip add 102.1.1.100 255.255.255.0
no shutdown
ip route 0.0.0.0 0.0.0.0 102.1.1.1
R1
crypto ikev2 proposal 1
encryption aes-cbc-128
integrity sha1
group 5
crypto ikev2 policy 1
proposal 1
int s1/0
crypto map test
R2
crypto ikev2 proposal 1
encryption aes-cbc-128
integrity sha1
group 5
crypto ikev2 policy 1
proposal 1
crypto ikev2 keyring 1
peer any
address 0.0.0.0 0.0.0.0
pre-shared-key shiva
!
crypto ikev2 profile 1
match identity remote address 0.0.0.0
authentication remote pre-share
authentication local pre-share
keyring local 1
crypto ipsec security-association lifetime seconds 1800
crypto ipsec transform-set t-set esp-aes esp-sha-hmac
mode tunnel
crypto map test 10 ipsec-isakmp
set peer 101.1.1.100
set transform-set t-set
set ikev2-profile 1
match address 102
access-list 102 permit ip 192.168.102.0 0.0.0.255 192.168.101.0 0.0.0.255
int s1/0
crypto map test
inbound ah sas:
inbound pcp sas: