milan米兰体育官网 l2tpv3 tunnel-profile

milan米兰体育ネットワーク機器の総合ブランド　ファイテルネット

milan米兰体育官网例

milan米兰体育官网トンネルをover IPsecで接続する

内容

下記リンクよりご確認ください。

1.EtherIP over IPsecで接続する： milan米兰体育官网を使用★NEW	センタ側のmilan米兰体育官网のご利用は
1.EtherIP over IPsecで接続する： milan米兰体育官网を使用★NEW	拠点側のmilan米兰体育官网のご利用は
2.milan米兰体育官网TPv3 over IPsecで接続する★NEW	センタ側のmilan米兰体育官网のご利用は
	拠点1のmilan米兰体育官网のご利用は
	拠点2のmilan米兰体育官网のご利用は

crypto ipsec policy P2-POLICY
 set pfs group14
 set security-association always-up
 set security-association lifetime seconds 28800
 set security-association transform-keysize aes 256 256 256
 set security-association transform esp-aes esp-sha-hmac
 set mtu 1454
 set ip df-bit 0
 set ip fragment post
exit
!
crypto ipsec selector SELECTOR
 src 1 ipv4 any
 dst 1 ipv4 any
exit
!
milan米兰体育官网 keepalive
logging level informational
milan米兰体育官网 log sa
milan米兰体育官网 log session
milan米兰体育官网 log negotiation-fail
!
milan米兰体育官网 policy P1-POLICY
 authentication pre-share
 encryption aes
 encryption-keysize aes 256 256 256
 group 14
 lifetime 86400
 hash sha
 initiate-mode aggressive
exit
!
milan米兰体育官网 profile PROF0001
 self-identity user-fqdn id-kyoten
 set peer 192.0.2.1
 set isakmp-policy P1-POLICY
 set ipsec-policy P2-POLICY
 ike-version 1
 local-key SECRET-VPN
exit
!
crypto map CENTER ipsec-isakmp
 match address SELECTOR
 set isakmp-profile PROF0001
exit
!
vlan any 10 20
!
interface GigaEthernet 1/1
 vlan-id any
 bridge-group 1
exit
!
interface GigaEthernet 1/2
 vlan-id any
 bridge-group 1
exit
!
interface GigaEthernet 2/1
 vlan-id 2
 bridge-group 2
 pppoe enable
exit
!
interface Loopback 1
 ip address 10.0.0.2
exit
!
interface Tunnel 1
 description FLETS
 ip access-group 100 in
 ip access-group 111 in
 ip access-group 121 out
 tunnel mode pppoe profile PPPOE_PROF
 pppoe interface gigaethernet 2/1
exit
!
interface Tunnel 2
 tunnel mode ipsec map CENTER
exit
!
interface Tunnel 3
 tunnel mode ether-ip tunnel-profile etherip-prof
 bridge-group 1
exit
!
ether-ip tunnel-profile etherip-prof
 tunnel source 10.0.0.2
 tunnel destination 10.0.0.1
exit
!
pppoe profile PPPOE_PROF
 account abc345@***.***.ne.jp zzzyyyxxx
exit
!
end</pre>

<pre>access-list 100 permit udp any eq 500 192.0.2.1 0.0.0.0 eq 500
access-list 100 permit 50 any 192.0.2.1 0.0.0.0
access-list 111 deny ip any any
access-list 121 spi ip any any
!
ip route 0.0.0.0 0.0.0.0 tunnel 1
ip route 10.0.0.2 255.255.255.255 tunnel 2
ip route 10.0.0.3 255.255.255.255 tunnel 3
!
hostname CENTER
!
crypto ipsec policy P2-POLICY
 set pfs group14
 set security-association lifetime seconds 28800
 set security-association transform-keysize aes 256 256 256
 set security-association transform esp-aes esp-sha-hmac
 set mtu 1454
 set ip df-bit 0
 set ip fragment post
exit
!
crypto ipsec selector SELECTOR
 src 1 ipv4 any
 dst 1 ipv4 any
exit
!
crypto isakmp keepalive
logging level informational
crypto isakmp log sa
crypto isakmp log session
crypto isakmp log negotiation-fail
milan米兰体育官网tpv3 log session
!
crypto isakmp policy P1-POLICY
 authentication pre-share
 encryption aes
 encryption-keysize aes 256 256 256
 group 14
 lifetime 86400
 hash sha
 initiate-mode aggressive
exit
!
crypto isakmp profile PROF0001
 match identity user id-kyoten1
 local-address 192.0.2.1
 set isakmp-policy P1-POLICY
 set ipsec-policy P2-POLICY
 ike-version 1
 local-key SECRET-VPN
exit
!
crypto isakmp profile PROF0002
 match identity user id-kyoten2
 local-address 192.0.2.1
 set isakmp-policy P1-POLICY
 set ipsec-policy P2-POLICY
 ike-version 1
 local-key SECRET-VPN
exit
!
crypto map KYOTEN1 ipsec-isakmp
 match address SELECTOR
 set isakmp-profile PROF0001
exit
!
crypto map KYOTEN2 ipsec-isakmp
 match address SELECTOR
 set isakmp-profile PROF0002
exit
!
interface GigaEthernet 1/1
 vlan-id 1
 bridge-group 1
exit
!
interface GigaEthernet 2/1
 vlan-id 2
 bridge-group 2
 pppoe enable
exit
!
interface Loopback 1
 ip address 10.0.0.1
exit
!
interface Tunnel 1
 description FLETS
 ip address 192.0.2.1 255.255.255.255
 ip access-group 100 in
 ip access-group 111 in
 ip access-group 121 out
 tunnel mode pppoe profile PPPOE_PROF
 pppoe interface gigaethernet 2/1
exit
!
interface Tunnel 2
 tunnel mode ipsec map KYOTEN1
exit
!
interface Tunnel 3
 tunnel mode ipsec map KYOTEN2
exit
!
interface Tunnel 4
 tunnel mode milan米兰体育官网tpv3 pseudowire milan米兰体育官网TPv3_kyoten1
 bridge-group 1 client
exit
interface Tunnel 5
 tunnel mode milan米兰体育官网tpv3 pseudowire milan米兰体育官网TPv3_kyoten2
 bridge-group 1 client
exit
!
milan米兰体育官网tpv3 tunnel-profile milan米兰体育官网TPv3_PROF_kyoten1
 mode milan米兰体育官网tpv3
 tunnel source 10.0.0.1
 tunnel destination 10.0.0.2
 tunnel protection ipsec tunnel 2
 hostname local CENTER
 hostname remote KYOTEN1
 hello interval 10
exit
!
milan米兰体育官网tpv3 tunnel-profile milan米兰体育官网TPv3_PROF_kyoten2
 mode milan米兰体育官网tpv3
 tunnel source 10.0.0.1
 tunnel destination 10.0.0.3
 tunnel protection ipsec tunnel 3
 hostname local CENTER
 hostname remote KYOTEN2
 hello interval 10
exit
!
milan米兰体育官网tpv3 pseudowire milan米兰体育官网TPv3_kyoten1
 set profile milan米兰体育官网TPv3_PROF_kyoten1
 remote-end-id ascii ID_center_kyoten1
exit
!
milan米兰体育官网tpv3 pseudowire milan米兰体育官网TPv3_kyoten2
 set profile milan米兰体育官网TPv3_PROF_kyoten2
 remote-end-id ascii ID_center_kyoten2
exit
!
pppoe profile PPPOE_PROF
 account abc012@***.***.ne.jp xxxyyyzzz
exit
!
end</pre>

<pre>access-list 100 permit udp 192.0.2.1 0.0.0.0 eq 500 any eq 500
access-list 100 permit 50 192.0.2.1 0.0.0.0 any
access-list 111 deny ip any any
access-list 121 spi ip any any
!
ip route 0.0.0.0 0.0.0.0 tunnel 1
ip route 10.0.0.1 255.255.255.255 tunnel 2
!
hostname KYOTEN1
!
crypto ipsec policy P2-POLICY
 set pfs group14
 set security-association always-up
 set security-association lifetime seconds 28800
 set security-association transform-keysize aes 256 256 256
 set security-association transform esp-aes esp-sha-hmac
 set mtu 1454
 set ip df-bit 0
 set ip fragment post
exit
!
crypto ipsec selector SELECTOR
 src 1 ipv4 any
 dst 1 ipv4 any
exit
!
crypto isakmp keepalive
logging level informational
crypto isakmp log sa
crypto isakmp log session
crypto isakmp log negotiation-fail
milan米兰体育官网tpv3 log session
!
crypto isakmp policy P1-POLICY
 authentication pre-share
 encryption aes
 encryption-keysize aes 256 256 256
 group 14
 lifetime 86400
 hash sha
 initiate-mode aggressive
exit
!
crypto isakmp profile PROF0001
 self-identity user-fqdn id-kyoten1
 set peer 192.0.2.1
 set isakmp-policy P1-POLICY
 set ipsec-policy P2-POLICY
 ike-version 1
 local-key SECRET-VPN
exit
!
crypto map CENTER ipsec-isakmp
 match address SELECTOR
 set isakmp-profile PROF0001
exit
!
interface GigaEthernet 1/1
 vlan-id 1
 bridge-group 1
exit
!
interface GigaEthernet 2/1
 vlan-id 2
 bridge-group 2
 pppoe enable
exit
!
interface Loopback 1
 ip address 10.0.0.2
exit
!
interface Tunnel 1
 description FLETS
 ip access-group 100 in
 ip access-group 111 in
 ip access-group 121 out
 tunnel mode pppoe profile PPPOE_PROF
 pppoe interface gigaethernet 2/1
exit
!
interface Tunnel 2
 tunnel mode ipsec map CENTER
exit
!
interface Tunnel 3
 tunnel mode milan米兰体育官网tpv3 pseudowire milan米兰体育官网TPv3_center
 bridge-group 1
exit
!
milan米兰体育官网tpv3 tunnel-profile milan米兰体育官网TPv3_PROF_center
 mode milan米兰体育官网tpv3
 tunnel source 10.0.0.2
 tunnel destination 10.0.0.1
 tunnel protection ipsec tunnel 2
 hostname local KYOTEN1
 hostname remote CENTER
 hello interval 10
exit
!
milan米兰体育官网tpv3 pseudowire milan米兰体育官网TPv3_center
 set profile milan米兰体育官网TPv3_PROF_center
 remote-end-id ascii ID_center_kyoten1
 always-up
exit

pppoe profile PPPOE_PROF
 account abc345@***.***.ne.jp zzzyyyxxx
exit
!
end</pre>

<pre>access-list 100 permit udp 192.0.2.1 0.0.0.0 eq 500 any eq 500
access-list 100 permit 50 192.0.2.1 0.0.0.0 any
access-list 111 deny ip any any
access-list 121 spi ip any any
!
ip route 0.0.0.0 0.0.0.0 tunnel 1
ip route 10.0.0.1 255.255.255.255 tunnel 2
!
hostname KYOTEN2
!
crypto ipsec policy P2-POLICY
 set pfs group14
 set security-association always-up
 set security-association lifetime seconds 28800
 set security-association transform-keysize aes 256 256 256
 set security-association transform esp-aes esp-sha-hmac
 set mtu 1454
 set ip df-bit 0
 set ip fragment post
exit
!
crypto ipsec selector SELECTOR
 src 1 ipv4 any
 dst 1 ipv4 any
exit
!
crypto isakmp keepalive
logging level informational
crypto isakmp log sa
crypto isakmp log session
crypto isakmp log negotiation-fail
milan米兰体育官网tpv3 log session
!
crypto isakmp policy P1-POLICY
 authentication pre-share
 encryption aes
 encryption-keysize aes 256 256 256
 group 14
 lifetime 86400
 hash sha
 initiate-mode aggressive
exit
!
crypto isakmp profile PROF0001
 self-identity user-fqdn id-kyoten2
 set peer 192.0.2.1
 set isakmp-policy P1-POLICY
 set ipsec-policy P2-POLICY
 ike-version 1
 local-key SECRET-VPN
exit
!
crypto map CENTER ipsec-isakmp
 match address SELECTOR
 set isakmp-profile PROF0001
exit
!
interface GigaEthernet 1/1
 vlan-id 1
 bridge-group 1
exit
!
interface GigaEthernet 2/1
 vlan-id 2
 bridge-group 2
 pppoe enable
exit
!
interface Loopback 1
 ip address 10.0.0.3
exit
!
interface Tunnel 1
 description FLETS
 ip access-group 100 in
 ip access-group 111 in
 ip access-group 121 out
 tunnel mode pppoe profile PPPOE_PROF
 pppoe interface gigaethernet 2/1
exit
!
interface Tunnel 2
 tunnel mode ipsec map CENTER
exit
!
interface Tunnel 3
 tunnel mode milan米兰体育官网tpv3 pseudowire milan米兰体育官网TPv3_center
 bridge-group 1
exit
!
milan米兰体育官网tpv3 tunnel-profile milan米兰体育官网TPv3_PROF_center
 mode milan米兰体育官网tpv3
 tunnel source 10.0.0.3
 tunnel destination 10.0.0.1
 tunnel protection ipsec tunnel 2
 hostname local KYOTEN2
 hostname remote CENTER
 hello interval 10
exit
!
milan米兰体育官网tpv3 pseudowire milan米兰体育官网TPv3_center
 set profile milan米兰体育官网TPv3_PROF_center
 remote-end-id ascii ID_center_kyoten2
 always-up
exit
!
pppoe profile PPPOE_PROF
 account abc678@***.***.ne.jp yyyzzzxxx
exit
!
end</pre>

ページトップへ

サイトマップmilan米兰体育HOMElmilan米兰体育サーバのご利用にあたっての注意