TP4'-Ipsec VPN Site To Site

Uploaded by

GERAUD

0% found this document useful (0 votes)

139 views2 pages

TPPPGG

Original Title

TP4’

Copyright

Available Formats

PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

TPPPGG

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

139 views2 pages

TP4'-Ipsec VPN Site To Site

Uploaded by

GERAUD

TPPPGG

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 2

Search inside document

TP4’—Ipsec

VPN Site to Site

Objectif de TP: Configurer les Paramètres IPsec sur les Routeur et Vérifier le IPsec
VPN et les tester avec packet tracer.
I. Télécharger le fichier vpn 1.pkt et le lancer sous packet tracer et tester les
commandes sous R1.

1. Tester les connectivités entre les PCs et les Routeurs.
2. Configurer le properties Phase 1 de ISAKMP sous routeur R1.

Router(config)#crypto isakmp enable <=== enable IPsec

Router(config)#crypto isakmp policy 1 <=== set new policy with number 1
Router(config-isakmp)#authentication pre-share <=== using shred key authentication method (if
use certification use rsa-sig instead of pre-share)
Router(config-isakmp)#encryption aes <=== use symmetric encryption AES
Router(config-isakmp)#hash sha <=== use hash alghorthim sha for data integrity
Router(config-isakmp)#group 2 <=== use diffe helman group 2
Router(config-isakmp)#exit
Router(config)#crypto isakmp key 0 address 11.0.0.1 0.0.0.0 <=== 0 is the key will used with next
site , next site ip address 11.0.0.1 and note on packet tracer you use 0.0.0.0 instead of
subnetmask

3. Configurer le properties Phase 2 de ISAKMP sous routeur R1.
Router(config)#crypto ipsec transform-set yasser esp-aes esp-sha-hmac <=== set transform set
called yasser and esp is the protocol will be used , u can use AH on internal VPN
Router(config)#crypto ipsec security-association lifetime seconds 86400 <=== key expire
after 86400 seconds
Router(config)#ip access-list extended ramzy <=== ACL called
ramzy to tell which traffic will use the vpn tunnel
Router(config-ext-nacl)#permit ip 12.0.0.0 0.255.255.255 10.0.0.0 0.255.255.255
Router(config-ext-nacl)#exit
Router(config)#crypto map auda 100 ipsec-isakmp <=== create crypto map
called auda with seq number 100
% NOTE: This new crypto map will remain disabled until a peer
and a valid access list have been configured.
Router(config-crypto-map)#match address ramzy <=== link above ACL to
this crypto map
Router(config-crypto-map)#set peer 11.0.0.1 <=== link next site ip address
to this crypto map
Router(config-crypto-map)#set pfs group2 <=== link DH group 2 to this
crypto map
Router(config-crypto-map)#set transform-set yasser <=== link above
transform set to this crypto map
Router(config-crypto-map)#ex

4. Configurer le map crypto sur l’interface outgoing.

Router(config)#int fa 0/1 <=== apply crypto map auda to interface face the
next site link.
Router(config-if)#crypto map auda

1
*Jan 3 07:16:26.785: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is ON
Router(config-if)#do wr
Building configuration...
[OK]
Router(config-if)#^Z
Router#

II. Remplir les tableaux de ISAKMP Phase et le réaliser les paramètres que vous voulez
prédéfinir sous Routeur R0.

a) Paramètres de ISAKMP Phase 1.

Paramètres R1 R0
Key distribution Manual or ISAKMP
method
Encryption DES, 3DES, or AES
algorithm
Hashing algorithm MD5 or SHA-‐1
Authentication Pre-‐shared keys or
method RSA
Key exchange DH Group 1,2 or 5
IKE SA Lifetime 86400 seconds or
less
ISAKMP Key

b) Paramètres de ISAKMP Phase 1.

Paramètres R1 R0
Transform Set
Peer Hostname
Peer IP Address
Network to be encrypted
Crypto Map name
SA Establishment

c) Réaliser les mêmes démarches pour configurer les paramètres sous R0.

III. Vérification de IPsec VPN.

Vérifier le tunnel IPsec VPN avec les commandes et noter les résultats.

Router#show crypto Isakmp policy
Router#show crypto isakmp sa
Router#show crypto map
Router#sh crypto ipsec transform-set

Ccnpv7.1 Switch Lab 10-1 Securing Layer2 Student
Document37 pages
Ccnpv7.1 Switch Lab 10-1 Securing Layer2 Student
Alcaldia Valle De San Juan
No ratings yet
Nrf24l01 Tutorial 1 Pic18
Document9 pages
Nrf24l01 Tutorial 1 Pic18
Silvanei Fonseca Leandro
No ratings yet
Wisol Wssfm10r at Command Sfm10r Rev.00 1
Document6 pages
Wisol Wssfm10r at Command Sfm10r Rev.00 1
Adimaro
No ratings yet
Como Cargar El IOS de Un Servidor TFTP en Cisco Packet Tracer
Document2 pages
Como Cargar El IOS de Un Servidor TFTP en Cisco Packet Tracer
brayan jacome guzman
No ratings yet
Cisco Catalyst 9500 48-Port 25G Switch with Network Advantage License
Document3 pages
Cisco Catalyst 9500 48-Port 25G Switch with Network Advantage License
C K
No ratings yet
Power One Model SLI-48-115 Data Sheet
Document5 pages
Power One Model SLI-48-115 Data Sheet
shartsell
No ratings yet
NDS3542 Encoder Modulator Guide
Document6 pages
NDS3542 Encoder Modulator Guide
Boezall Siam
No ratings yet
CCNA Config Question
Document4 pages
CCNA Config Question
Asnake Mekonnen
No ratings yet
Optical Power Levels All Productsl
Document8 pages
Optical Power Levels All Productsl
ashish
100% (1)
8dtek Kingkong
Document43 pages
8dtek Kingkong
Juan Zapata
No ratings yet
Electronics Engineering Preparatory Practice #2
Document1 page
Electronics Engineering Preparatory Practice #2
mario yanez
No ratings yet
T REC G.Imp984.4 200812 S!!MSW E
Document43 pages
T REC G.Imp984.4 200812 S!!MSW E
Deepthi
No ratings yet
Highly accurate dual channel AC millivoltmeter for stereo audio measurements
Document1 page
Highly accurate dual channel AC millivoltmeter for stereo audio measurements
azamama
No ratings yet
DVC6000 Digital Valve Controller Instruction Manual
Document160 pages
DVC6000 Digital Valve Controller Instruction Manual
Jose Gustavo Robles Morales
No ratings yet
Andrew Antenna DBXLH 6565c VTM
Document4 pages
Andrew Antenna DBXLH 6565c VTM
navaneeth09
No ratings yet
Ios Collection 2008
Document22 pages
Ios Collection 2008
cursocisco
No ratings yet
7.4.3.4 Packet Tracer - Configuring Basic EIGRP With IPv6 Routing Instructions IG PDF
Document3 pages
7.4.3.4 Packet Tracer - Configuring Basic EIGRP With IPv6 Routing Instructions IG PDF
JESUSCAMPO
No ratings yet
Optocouplers Cross Reference PDF
Document3 pages
Optocouplers Cross Reference PDF
gondo
No ratings yet
7.4.3.5 Lab - Configuring Basic EIGRP For IPv6
Document9 pages
7.4.3.5 Lab - Configuring Basic EIGRP For IPv6
Arturo Varon
No ratings yet
1.3.1.3 Packet Tracer - Skills Integration Challenge
Document4 pages
1.3.1.3 Packet Tracer - Skills Integration Challenge
Bryan Gualoto
No ratings yet
RW 2954 D200 PDF
Document2 pages
RW 2954 D200 PDF
Angel Nuñez Pacheco
No ratings yet
KWP 2000
Document2 pages
KWP 2000
vigneshwaran
No ratings yet
TurboBridge5C Datasheet (AR9342)
Document4 pages
TurboBridge5C Datasheet (AR9342)
Abel Robles
No ratings yet
Resumen TR-069 y Diferencias SNMP PDF
Document26 pages
Resumen TR-069 y Diferencias SNMP PDF
Manolo Ferreira Herrera
No ratings yet
9.3.1.2 EIGRP Capstone Project Instructions IG
Document18 pages
9.3.1.2 EIGRP Capstone Project Instructions IG
Edward Joseph Tagle
No ratings yet
Costruzioni Elettroniche: Mod. KL 500 Linar Amplifier
Document4 pages
Costruzioni Elettroniche: Mod. KL 500 Linar Amplifier
Luis Carlos
No ratings yet
Vyatta - BGP
Document319 pages
Vyatta - BGP
Lee Wiscovitch
No ratings yet
CTL-OP 111 Ed.2.0 PDF
Document5 pages
CTL-OP 111 Ed.2.0 PDF
Bioingenieria LA
No ratings yet
131 - Ceragon - Trunk Vs Access - Presentation v1.3
Document14 pages
131 - Ceragon - Trunk Vs Access - Presentation v1.3
mehdi_mehdi
No ratings yet
Oil Wear
Document4 pages
Oil Wear
aabejaro
No ratings yet
Cree CGH40006p
Document15 pages
Cree CGH40006p
Qazi Kamal
No ratings yet
3.6.1.2 Packet Tracer - Configure AAA Authentication On Cisco Routers Answers
Document11 pages
3.6.1.2 Packet Tracer - Configure AAA Authentication On Cisco Routers Answers
Sultan
100% (3)
ADRV9025 SPI initialization and configuration
Document2 pages
ADRV9025 SPI initialization and configuration
AkhileshAlexGoyal
No ratings yet
Hoja de Datos/data Sheet PF6000
Document1 page
Hoja de Datos/data Sheet PF6000
laboratorio fercor
No ratings yet
Config Ejemplo Huawei
Document7 pages
Config Ejemplo Huawei
Guillermo Carrasco
No ratings yet
6.8.1 Packet Tracer - Configure Nat For Ipv4 PDF
Document2 pages
6.8.1 Packet Tracer - Configure Nat For Ipv4 PDF
María Armijos
No ratings yet
D4 - SBA-Student (To Preparation)
Document5 pages
D4 - SBA-Student (To Preparation)
Tou Her
No ratings yet
High Speed 300Mbps Super Long Range Wireless Ceiling Access Point Model: ACP-2405n Features
Document2 pages
High Speed 300Mbps Super Long Range Wireless Ceiling Access Point Model: ACP-2405n Features
maecassiopeia
No ratings yet
ROUTE Chapter 4 - CCNP ROUTE (Version 6.0)
Document12 pages
ROUTE Chapter 4 - CCNP ROUTE (Version 6.0)
AS2205
100% (5)
200.061 MP Icm Modbus User Guide en
Document28 pages
200.061 MP Icm Modbus User Guide en
Vijaya Kumar
100% (1)
Automotive Electronics Product Information Ignition Driver With Diagnosis - CK200
Document5 pages
Automotive Electronics Product Information Ignition Driver With Diagnosis - CK200
ORLANDO HERRERA
No ratings yet
Analog Device Micro Converter
Document20 pages
Analog Device Micro Converter
shailesh
No ratings yet
EEET423L Final Project
Document7 pages
EEET423L Final Project
Alan Reyes
No ratings yet
COM600 5.0 Product Guide 75764 ENh
Document50 pages
COM600 5.0 Product Guide 75764 ENh
malebolgia666
No ratings yet
ITN Final PT Skills Assessment
Document3 pages
ITN Final PT Skills Assessment
Frenchesca Darlene Caliwliw
0% (1)
User's Guide: Antenna Toolbox™
Document1,220 pages
User's Guide: Antenna Toolbox™
Ferdi Ganda Kurnia
No ratings yet
VHDL Implementation of A Mips-32 Pipeline Processor
Document5 pages
VHDL Implementation of A Mips-32 Pipeline Processor
fatima kishwar abid
No ratings yet
Actualizacion ElmDuino
Document42 pages
Actualizacion ElmDuino
Laura
No ratings yet
5.3.1.2 Packet Tracer - Skills Integration Challenge Instructions
Document2 pages
5.3.1.2 Packet Tracer - Skills Integration Challenge Instructions
Tom
0% (1)
Examen 4 Mikrtik
Document24 pages
Examen 4 Mikrtik
jorge
No ratings yet
TP4'-Ipsec VPN Site To Site
Document2 pages
TP4'-Ipsec VPN Site To Site
Geraud Tchada
No ratings yet
8.7.1.4 Packet Tracer - Configure and Verify A Site-To-Site IPsec VPN Using CLI - Instructor
Document5 pages
8.7.1.4 Packet Tracer - Configure and Verify A Site-To-Site IPsec VPN Using CLI - Instructor
Salem Trabelsi
No ratings yet
VPN Site To Site Packet Tracer 5
Document2 pages
VPN Site To Site Packet Tracer 5
R.s. Félix
No ratings yet
Configure and Verify A Site-To-Site IPsec VPN Using CLI
Document6 pages
Configure and Verify A Site-To-Site IPsec VPN Using CLI
MilošKovačević
No ratings yet
IPSec VPN LAB
Document7 pages
IPSec VPN LAB
Aparna Garg
100% (2)
Creacion VPN IPSEC
Document2 pages
Creacion VPN IPSEC
Carlos Amaranti González
No ratings yet
Configure and Verify A Site To Site IPsec VPN Using CLI
Document4 pages
Configure and Verify A Site To Site IPsec VPN Using CLI
Cristhian Hades
No ratings yet
Lab Cisco VPN-Generic
Document2 pages
Lab Cisco VPN-Generic
bliss21
100% (5)
Technical Report
Document19 pages
Technical Report
Usman
No ratings yet
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
From Everand
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
Mulayam Singh
No ratings yet
Pearsonvue Facility Requirements
Document4 pages
Pearsonvue Facility Requirements
Kedisus Chris
No ratings yet
A Training On Bts Nokia Installation and Commissioning: Presented By, Saurabh Bansal B.Tech (Ece) VTH Sem
Document40 pages
A Training On Bts Nokia Installation and Commissioning: Presented By, Saurabh Bansal B.Tech (Ece) VTH Sem
GERAUD
No ratings yet
MikroTik RouterOS Website Blocking Policy Techniques
Document36 pages
MikroTik RouterOS Website Blocking Policy Techniques
Min Min Zaw
No ratings yet
Photo/video Checklist-Required For Test Centre Applications
Document2 pages
Photo/video Checklist-Required For Test Centre Applications
GERAUD
No ratings yet
Flexi MR 10 BTS Datasheet 19022013
Document4 pages
Flexi MR 10 BTS Datasheet 19022013
GERAUD
No ratings yet
Small Cell & Hetnets in LTE
Document5 pages
Small Cell & Hetnets in LTE
GERAUD
No ratings yet
TP4'-Ipsec VPN Site To Site
Document2 pages
TP4'-Ipsec VPN Site To Site
GERAUD
No ratings yet
Cisco VPN Config Guide - CG
Document131 pages
Cisco VPN Config Guide - CG
bjb302
No ratings yet
7.1.2.4 Packet Tracer - Configuring VPNs (Optional) Instructions
Document6 pages
7.1.2.4 Packet Tracer - Configuring VPNs (Optional) Instructions
Paritosh Kumar
No ratings yet
5G Fundamentals & Potential Deployments
Document5 pages
5G Fundamentals & Potential Deployments
GERAUD
No ratings yet
Itu-T Lte
Document37 pages
Itu-T Lte
nidya
No ratings yet
Cellular Qos
Document24 pages
Cellular Qos
dayoladejo777
No ratings yet
Huawei Genex Probe (All Versions), Huawei Genex Assistant (All Versions), Tems Investigation (All Versions, Mapinfo Professional (All Versions), Google Earth
Document9 pages
Huawei Genex Probe (All Versions), Huawei Genex Assistant (All Versions), Tems Investigation (All Versions, Mapinfo Professional (All Versions), Google Earth
GERAUD
No ratings yet
Understanding Next Generation Architectures
Document4 pages
Understanding Next Generation Architectures
GERAUD
No ratings yet
5G Architectural System Design
Document6 pages
5G Architectural System Design
GERAUD
No ratings yet
4gmark Barometer 2016 WORLD
Document13 pages
4gmark Barometer 2016 WORLD
GERAUD
No ratings yet
+ Strong Embedded C + Experience With Wireless Tech (Wifi, Tcp/Ip Etc) + Linux Background + An Interest in Iot Products
Document1 page
+ Strong Embedded C + Experience With Wireless Tech (Wifi, Tcp/Ip Etc) + Linux Background + An Interest in Iot Products
GERAUD
No ratings yet
Universal Mobile Telecommunication System
Document63 pages
Universal Mobile Telecommunication System
Ritesh Ranjan
No ratings yet
Resume Security Engineer
Document9 pages
Resume Security Engineer
GERAUD
No ratings yet
Resume Security Engineer
Document9 pages
Resume Security Engineer
GERAUD
No ratings yet
Earn A Masters Degree in Computer Science With Paid Internship in A Company in The U.S
Document12 pages
Earn A Masters Degree in Computer Science With Paid Internship in A Company in The U.S
GERAUD
No ratings yet
Core Network Planning, Optimization and Forecasting in GSM/GPRS Networks
Document7 pages
Core Network Planning, Optimization and Forecasting in GSM/GPRS Networks
yeboua1
No ratings yet
2015 CBK® Training Seminar Pricing: (ISC) Americas (ISC) Asia-Pacific (Isc) Emea
Document2 pages
2015 CBK® Training Seminar Pricing: (ISC) Americas (ISC) Asia-Pacific (Isc) Emea
GERAUD
No ratings yet
Ccna2 3lab1 PDF
Document5 pages
Ccna2 3lab1 PDF
Ferry Kurniawan
No ratings yet
CCNA Security Instructor Lab Manual v1 p2 PDF
Document1 page
CCNA Security Instructor Lab Manual v1 p2 PDF
GERAUD
No ratings yet
BENMIMOUNE Abderrahmane
Document153 pages
BENMIMOUNE Abderrahmane
GERAUD
No ratings yet
IEEE Network Journal 5G Xi Zhang
Document8 pages
IEEE Network Journal 5G Xi Zhang
GERAUD
No ratings yet
02 - A Survey of Energy-Efficient Techniques For 5G and Challenges Ahead
Document14 pages
02 - A Survey of Energy-Efficient Techniques For 5G and Challenges Ahead
GERAUD
No ratings yet
5G Vision Brochure v1
Document16 pages
5G Vision Brochure v1
jcaldwell17
No ratings yet
STI V34104 Data Sheet
Document2 pages
STI V34104 Data Sheet
JMAC Supply
No ratings yet
Konkrit
Document41 pages
Konkrit
Tuan Jalai
0% (1)
BDD Bubble Diagram Analisa Organisasi Ruang
Document1 page
BDD Bubble Diagram Analisa Organisasi Ruang
anon_545295732
No ratings yet
J2ee Developer With 10 Years Experience Resume
Document4 pages
J2ee Developer With 10 Years Experience Resume
diva
No ratings yet
2017 Laureates Rafael Aranda, Carme Pigem and Ramon Vilalta Spain Media Kit
Document26 pages
2017 Laureates Rafael Aranda, Carme Pigem and Ramon Vilalta Spain Media Kit
Manu Chacko
No ratings yet
Philips 221e2sb 221el2sb Service Manual
Document104 pages
Philips 221e2sb 221el2sb Service Manual
Lord_Joel
No ratings yet
Togaf 9 Scenario Questions
Document5 pages
Togaf 9 Scenario Questions
dineshkaushal
No ratings yet
A Neoteric Funerary Design Approach: Sustainable Modular Entombment in Baguio City
Document15 pages
A Neoteric Funerary Design Approach: Sustainable Modular Entombment in Baguio City
Ed dela Pena
100% (1)
CC Marine 2013-14 Catalogue - Sailing
Document8 pages
CC Marine 2013-14 Catalogue - Sailing
GregGGH
No ratings yet
Write Verb to be and Short Form
Document1 page
Write Verb to be and Short Form
Svetla Stanoeva
0% (1)
74HC165 8-Bit PISO Shift Register
Document10 pages
74HC165 8-Bit PISO Shift Register
oscar_ceja_02
No ratings yet
Sop On Maintenance of Air Handling Unit - Pharmaceutical Guidance
Document3 pages
Sop On Maintenance of Air Handling Unit - Pharmaceutical Guidance
ruhy690
100% (1)
963 Familybrochure
Document4 pages
963 Familybrochure
Abdelkader Draï
No ratings yet
Exicom Test Report
Document7 pages
Exicom Test Report
saravananbalu
No ratings yet
Slicehost API: April 1, 2008
Document8 pages
Slicehost API: April 1, 2008
Oleksiy Kovyrin
No ratings yet
Varicondition DX en
Document5 pages
Varicondition DX en
carlos16702014
No ratings yet
HP Installation and Startup Service For HP BladeSystem C Class Infrastructure
Document7 pages
HP Installation and Startup Service For HP BladeSystem C Class Infrastructure
nimdamsk
No ratings yet
Log Book - Ansal School of Architecture - Docx 4t Year PDF
Document7 pages
Log Book - Ansal School of Architecture - Docx 4t Year PDF
sameen rizvi
No ratings yet
As 400 User Guide
Document95 pages
As 400 User Guide
DSunte Wilson
No ratings yet
Manual SurePOS 4810-x4x
Document23 pages
Manual SurePOS 4810-x4x
Alex Garcia Diaz
No ratings yet
A Shortcuts
Document2 pages
A Shortcuts
nicoNicoleta
No ratings yet
D+A Magazine Issue 085, 2015
Document116 pages
D+A Magazine Issue 085, 2015
Bùi Thắng
No ratings yet
Sap Terp10
Document7 pages
Sap Terp10
naifn
No ratings yet
Flat Slab
Document19 pages
Flat Slab
Paramveer Singh
No ratings yet
CS6461 Computer Architecture Lecture 8
Document61 pages
CS6461 Computer Architecture Lecture 8
闫麟阁
No ratings yet
Plucka 1450909082
Document83 pages
Plucka 1450909082
Aymeeen
No ratings yet
Contemporary Architecture in Different Areas of The Arab World: Redefining Identity Through A New Built Environment
Document11 pages
Contemporary Architecture in Different Areas of The Arab World: Redefining Identity Through A New Built Environment
akshi
No ratings yet
Ubuntu (Operating System) - Wikipedia, The Free Encyclopedia
Document21 pages
Ubuntu (Operating System) - Wikipedia, The Free Encyclopedia
d_richard_d
No ratings yet
Part2 5548C E60-E200 Funct
Document111 pages
Part2 5548C E60-E200 Funct
erbili
No ratings yet
How To Create or Move A Global Catalog in Windows Server 2003
Document5 pages
How To Create or Move A Global Catalog in Windows Server 2003
Kiran Kadri
No ratings yet