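! Branch-side router: PPPoE uplink with a route-based IPsec tunnel (ipsecif 1)
! to the center at 192.0.2.1.
! NOTE(review): this configuration holds the PPPoE password and the IKE
! pre-shared key in clear text; handle saved copies and backups as secrets.
!
ip route 0.0.0.0 0.0.0.0 pppoe 1
ip route 192.168.1.0 255.255.255.0 connected ipsecif 1
! Backup route to null 0 for the same prefix (the trailing 150 is presumably
! its distance - confirm). With it, traffic for 192.168.1.0/24 should be
! discarded rather than follow the default route unencrypted while the tunnel
! is down.
ip route 192.168.1.0 255.255.255.0 connected null 0 150
!
access-list 99 permit 192.168.0.0 0.0.0.255
!
vpn enable
vpnlog enable
!
ipsec access-list 1 ipsec ip any any
ipsec access-list 64 bypass ip any any
ipsec transform-set P2-POLICY esp-aes-256 esp-sha-hmac
!
interface ipsecif 1
 crypto map CENTER
exit
interface lan 1
 ip address 192.168.0.254 255.255.255.0
exit
interface pppoe 1
 ip nat inside source list 99 interface
 pppoe server FLETS-ADSL
 pppoe account abc345@***.***.ne.jp zzzyyyxxx
 pppoe type host
exit
!
! NOTE(review): the keyword in front of "policy" was corrupted on the source
! page; it is restored here as "crypto isakmp" - confirm against the device's
! command reference.
! IKE phase 1 uses aggressive mode with a pre-shared key. The responder's
! authentication hash is sent before the peer is authenticated, so a weak key
! can be guessed offline. SECRET-VPN is a sample value: replace it with a long,
! random key that is unique to this site.
! "hash sha" and esp-sha-hmac presumably select SHA-1; prefer a SHA-2 option
! where both routers support one.
crypto isakmp policy 1
 authentication prekey
 encryption aes 256
 group 14
 hash sha
 idtype-pre userfqdn
 key ascii SECRET-VPN
 lifetime 86400
 my-identity id-kyoten
 negotiation-mode aggressive
 peer-identity address 192.0.2.1
exit
crypto map CENTER 1
 match address 1
 set peer address 192.0.2.1
 set pfs group14
 set security-association lifetime seconds 28800
 set security-association always-up
 set transform-set P2-POLICY
exit
!
end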
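! Center-side router: PPPoE uplink on Tunnel 1 (192.0.2.1) and a route-based
! IPsec tunnel (Tunnel 2) to the branch LAN 192.168.0.0/24.
! NOTE(review): this configuration holds the PPPoE password and the IKE
! pre-shared key in clear text; handle saved copies and backups as secrets.
!
! Inbound filter on the uplink: list 100 admits only IKE (UDP 500) and ESP
! (IP protocol 50) addressed to 192.0.2.1, and list 111 denies everything
! else. NAT traversal (UDP 4500) is not admitted, so a branch behind a NAT
! device would presumably fail to connect - confirm before deploying there.
access-list 100 permit udp any eq 500 192.0.2.1 0.0.0.0 eq 500
access-list 100 permit 50 any 192.0.2.1 0.0.0.0
access-list 111 deny ip any any
access-list 121 spi ip any any
!
ip route 0.0.0.0 0.0.0.0 tunnel 1
ip route 192.168.0.0 255.255.255.0 tunnel 2
ip nat list 1 192.168.1.0 0.0.0.255
!
logging level informational
!
! esp-sha-hmac presumably selects SHA-1; prefer a SHA-2 option where both
! routers support one.
crypto ipsec policy P2-POLICY
 set pfs group14
 set security-association lifetime seconds 28800
 set security-association transform-keysize aes 256 256 256
 set security-association transform esp-aes esp-sha-hmac
 set mtu 1454
 set ip df-bit 0
 set ip fragment post
exit
!
crypto ipsec selector SELECTOR
 src 1 ipv4 any
 dst 1 ipv4 any
exit
!
! NOTE(review): the keyword in front of "keepalive", "log", "policy" and
! "profile" was corrupted on the source page; it is restored here as
! "crypto isakmp" - confirm against the device's command reference.
! The negotiation-fail log is the place to watch for repeated failed
! attempts against the pre-shared key.
crypto isakmp keepalive
crypto isakmp log sa
crypto isakmp log session
crypto isakmp log negotiation-fail
!
! IKEv1 aggressive mode with a pre-shared key: the responder's authentication
! hash is sent before the peer is authenticated, so a weak key can be guessed
! offline.
crypto isakmp policy P1-POLICY
 authentication pre-share
 encryption aes
 encryption-keysize aes 256 256 256
 group 14
 lifetime 86400
 hash sha
 initiate-mode aggressive
exit
!
! SECRET-VPN is a sample value: replace it with a long, random key that is
! unique to this branch.
crypto isakmp profile PROF0001
 match identity user id-kyoten
 local-address 192.0.2.1
 set isakmp-policy P1-POLICY
 set ipsec-policy P2-POLICY
 ike-version 1
 local-key SECRET-VPN
exit
!
crypto map KYOTEN0001 ipsec-isakmp
 match address SELECTOR
 set isakmp-profile PROF0001
exit
!
interface GigaEthernet 1/1
 vlan-id 1
 bridge-group 1
 channel-group 1
exit
!
interface GigaEthernet 2/1
 vlan-id 2
 bridge-group 2
 pppoe enable
exit
!
interface Port-channel 1
 ip address 192.168.1.254 255.255.255.0
 mss 1300
exit
!
interface Tunnel 1
 description FLETS
 ip address 192.0.2.1 255.255.255.255
 ip access-group 100 in
 ip access-group 111 in
 ip access-group 121 out
 ip nat inside source list 1 interface
 tunnel mode pppoe profile PPPOE_PROF
 pppoe interface gigaethernet 2/1
exit
!
interface Tunnel 2
 tunnel mode ipsec map KYOTEN0001
exit
!
pppoe profile PPPOE_PROF
 account abc012@***.***.ne.jp xxxyyyzzz
exit
!
end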
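! Branch-side router: PPPoE uplink with the crypto map applied directly to
! pppoe 1 (policy-based IPsec) towards the center at 192.0.2.1.
! NOTE(review): this configuration holds the PPPoE password and the IKE
! pre-shared key in clear text; handle saved copies and backups as secrets.
!
ip route 0.0.0.0 0.0.0.0 pppoe 1
!
access-list 99 permit 192.168.0.0 0.0.0.255
!
vpn enable
vpnlog enable
!
! Only 192.168.0.0/24 -> 192.168.1.0/24 is selected for IPsec; list 64 lets
! all other traffic bypass it.
ipsec access-list 1 ipsec ip 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255
ipsec access-list 64 bypass ip any any
ipsec transform-set P2-POLICY esp-aes-256 esp-sha-hmac
!
interface lan 1
 ip address 192.168.0.254 255.255.255.0
exit
interface pppoe 1
 crypto map CENTER
 ip nat inside source list 99 interface
 pppoe server FLETS-ADSL
 pppoe account abc345@***.***.ne.jp zzzyyyxxx
 pppoe type host
exit
!
! NOTE(review): the keyword in front of "policy" was corrupted on the source
! page; it is restored here as "crypto isakmp" - confirm against the device's
! command reference.
! IKE phase 1 uses aggressive mode with a pre-shared key. The responder's
! authentication hash is sent before the peer is authenticated, so a weak key
! can be guessed offline. SECRET-VPN is a sample value: replace it with a long,
! random key that is unique to this site.
! "hash sha" and esp-sha-hmac presumably select SHA-1; prefer a SHA-2 option
! where both routers support one.
crypto isakmp policy 1
 authentication prekey
 encryption aes 256
 group 14
 hash sha
 idtype-pre userfqdn
 key ascii SECRET-VPN
 lifetime 86400
 my-identity id-kyoten
 negotiation-mode aggressive
 peer-identity address 192.0.2.1
exit
crypto map CENTER 1
 match address 1
 set peer address 192.0.2.1
 set pfs group14
 set security-association lifetime seconds 28800
 set security-association always-up
 set transform-set P2-POLICY
exit
!
end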
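! Center-side router: PPPoE uplink on Tunnel 1 (192.0.2.1) and an IPsec tunnel
! (Tunnel 2) whose selector is limited to 192.168.1.0/24 <-> 192.168.0.0/24.
! NOTE(review): this configuration holds the PPPoE password and the IKE
! pre-shared key in clear text; handle saved copies and backups as secrets.
!
! Inbound filter on the uplink: list 100 admits only IKE (UDP 500) and ESP
! (IP protocol 50) addressed to 192.0.2.1, and list 111 denies everything
! else. NAT traversal (UDP 4500) is not admitted, so a branch behind a NAT
! device would presumably fail to connect - confirm before deploying there.
access-list 100 permit udp any eq 500 192.0.2.1 0.0.0.0 eq 500
access-list 100 permit 50 any 192.0.2.1 0.0.0.0
access-list 111 deny ip any any
access-list 121 spi ip any any
!
ip route 0.0.0.0 0.0.0.0 tunnel 1
ip route 192.168.0.0 255.255.255.0 tunnel 2
ip nat list 1 192.168.1.0 0.0.0.255
!
logging level informational
!
! esp-sha-hmac presumably selects SHA-1; prefer a SHA-2 option where both
! routers support one.
crypto ipsec policy P2-POLICY
 set pfs group14
 set security-association lifetime seconds 28800
 set security-association transform-keysize aes 256 256 256
 set security-association transform esp-aes esp-sha-hmac
 set mtu 1454
 set ip df-bit 0
 set ip fragment post
exit
!
crypto ipsec selector SELECTOR0001
 src 1 ipv4 192.168.1.0 255.255.255.0
 dst 1 ipv4 192.168.0.0 255.255.255.0
exit
!
! NOTE(review): the keyword in front of "keepalive", "log", "policy" and
! "profile" was corrupted on the source page; it is restored here as
! "crypto isakmp" - confirm against the device's command reference.
! The negotiation-fail log is the place to watch for repeated failed
! attempts against the pre-shared key.
crypto isakmp keepalive
crypto isakmp log sa
crypto isakmp log session
crypto isakmp log negotiation-fail
!
! IKEv1 aggressive mode with a pre-shared key: the responder's authentication
! hash is sent before the peer is authenticated, so a weak key can be guessed
! offline.
crypto isakmp policy P1-POLICY
 authentication pre-share
 encryption aes
 encryption-keysize aes 256 256 256
 group 14
 lifetime 86400
 hash sha
 initiate-mode aggressive
exit
!
! SECRET-VPN is a sample value: replace it with a long, random key that is
! unique to this branch.
crypto isakmp profile PROF0001
 match identity user id-kyoten
 local-address 192.0.2.1
 set isakmp-policy P1-POLICY
 set ipsec-policy P2-POLICY
 ike-version 1
 local-key SECRET-VPN
exit
!
crypto map KYOTEN0001 ipsec-isakmp
 match address SELECTOR0001
 set isakmp-profile PROF0001
exit
!
interface GigaEthernet 1/1
 vlan-id 1
 bridge-group 1
 channel-group 1
exit
!
interface GigaEthernet 2/1
 vlan-id 2
 bridge-group 2
 pppoe enable
exit
!
interface Port-channel 1
 ip address 192.168.1.254 255.255.255.0
 mss 1300
exit
!
interface Tunnel 1
 description FLETS
 ip address 192.0.2.1 255.255.255.255
 ip access-group 100 in
 ip access-group 111 in
 ip access-group 121 out
 ip nat inside source list 1 interface
 ! NOTE(review): the source page referenced PPPOE_PROF0001 here, but the only
 ! profile defined below is PPPOE_PROF; the reference is changed to match.
 tunnel mode pppoe profile PPPOE_PROF
 pppoe interface gigaethernet 2/1
exit
!
interface Tunnel 2
 tunnel mode ipsec map KYOTEN0001
exit
!
pppoe profile PPPOE_PROF
 account abc012@***.***.ne.jp xxxyyyzzz
exit
!
end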