Configuring GRE and IPSec with IPX Routing

389阅读 0评论2008-10-27 ZsUPlKJ
分类:


  Router1
  
  Current configuration:
  !
  version 12.0
  service timestamps debug uptime
  service timestamps log uptime
  no service password-encryption
  !
  hostname router1
  !
  ip subnet-zero
  !
  ipx routing 00e0.b064.258e
  cns event-service server
  !
  crypto isakmp policy 10
  authentication pre-share
  group 2
  lifetime 3600
  crypto isakmp key cisco address 200.1.1.1
  !
  crypto ipsec transform-set tunnelset esp-des esp-md5-hmac
  !
  crypto map toBB local-address Loopback0
  crypto map toBB 10 ipsec-isakmp
  set peer 200.1.1.1
  set transform-set tunnelset
  match address 101
  !
  interface Loopback0
  ip address 100.1.1.1 255.255.255.0
  no ip directed-broadcast
  !
  interface Tunnel0
  no ip address
  no ip directed-broadcast
  no ip route-cache
  no ip mroute-cache
  ipx network CC
  tunnel source Serial0
  tunnel destination 150.0.0.2
  crypto map toBB
  !
  interface Ethernet0
  ip address 175.1.1.1 255.255.255.0
  no ip directed-broadcast
  ipx network AA
  !
  interface Ethernet1
  no ip address
  no ip directed-broadcast
  shutdown
  !
  interface Serial0
  ip address 150.0.0.1 255.255.255.0
  no ip directed-broadcast
  no ip route-cache
  no ip mroute-cache
  no fair-queue
  crypto map toBB
  !
  interface Serial1
  no ip address
  no ip directed-broadcast
  shutdown
  !
  ip classless
  ip route 0.0.0.0 0.0.0.0 150.0.0.2
  no ip http server
  !
  access-list 101 permit gre host 150.0.0.1 host 150.0.0.2
  !
  tftp-server flash:
  !
  line con 0
  transport input none
  line aux 0
  line vty 0 4
  login
  !
  end
  
  Router2
  
  Current configuration:
  !
  version 12.0
  service timestamps debug uptime
  service timestamps log uptime
  no service password-encryption
  !
  hostname router2
  !
  ip subnet-zero
  !
  ipx routing 0010.7b37.c8ae
  cns event-service server
  !
  crypto isakmp policy 10
  authentication pre-share
  group 2
  lifetime 3600
  crypto isakmp key cisco address 100.1.1.1
  !
  crypto ipsec transform-set tunnelset esp-des esp-md5-hmac
  !
  crypto map toAA local-address Loopback0
  crypto map toAA 10 ipsec-isakmp
  set peer 100.1.1.1
  set transform-set tunnelset
  match address 101
  !
  interface Loopback0
  ip address 200.1.1.1 255.255.255.0
  no ip directed-broadcast
  !
  interface Tunnel0
  no ip address
  no ip directed-broadcast
  no ip route-cache
  no ip mroute-cache
  ipx network CC
  tunnel source Serial0
  tunnel destination 150.0.0.1
  crypto map toAA
  !
  interface Ethernet0
  ip address 75.1.1.1 255.255.255.0
  no ip directed-broadcast
  ipx network BB
  !
  interface Ethernet1
  no ip address
  no ip directed-broadcast
  shutdown
  !
  interface Serial0
  ip address 150.0.0.2 255.255.255.0
  no ip directed-broadcast
  no ip route-cache
  no ip mroute-cache
  no fair-queue
  clockrate 9600
  crypto map toAA
  !
  interface Serial1
  no ip address
  no ip directed-broadcast
  shutdown
  !
  ip classless
  ip route 0.0.0.0 0.0.0.0 150.0.0.1
  no ip http server
  !
  access-list 101 permit gre host 150.0.0.2 host 150.0.0.1
  !
  line con 0
  transport input none
  line aux 0
  line vty 0 4
  login
  !
  end
  
  Network Diagram
   2514 Routers
  
  
【责编:admin】

--------------------next---------------------

上一篇:浅论网络防火墙技术
下一篇:Check Point SVN (Secure Virtual Network)安全虚拟网络