
R2#sh running-config

Building configuration...
Current configuration : 4851 bytes
!
! Global settings for router R2 (IOS 12.4): log timestamps, enable secret, AAA
! method lists and basic IP services.
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
! Password encryption is disabled, so the "password 0" values on the username
! lines of this listing are stored and displayed in clear text.
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
! Type 5 secret: a salted MD5-crypt hash ($1$ prefix). A hash that has been
! published in a config dump should be treated as disclosed and rotated.
enable secret 5 $1$21Uu$Ky4N9KZqLbKcD3BdJXwwG.
!
! AAA is enabled; the two named method lists below both use the router's local
! user database. They are referenced by "crypto isakmp profile VPNCLIENT".
aaa new-model
!
!
aaa authentication login USERAUTHEN local
aaa authorization network GROUPAUTHOR local
!
!
aaa session-id common
!
dot11 syslog
! IP source routing is left enabled; hardening baselines normally set
! "no ip source-route" unless the option is required.
ip source-route
!
!
ip cef
!
!
no ip domain lookup
!
multilink bundle-name authenticated
!
!
!
! Self-signed trustpoint generated by the router itself; revocation checking is
! turned off for it ("revocation-check none").
! NOTE(review): presumably this is the certificate used by "ip http secure-server"
! - confirm on the device.
crypto pki trustpoint TP-self-signed-2411232691
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2411232691
revocation-check none
rsakeypair TP-self-signed-2411232691
!
!
! NOTE(review): the hex body that follows appears to have been reordered by page
! extraction (hex continues after "quit" and inside the crypto dynamic-map
! section), so it is not usable as a certificate dump as shown.
crypto pki certificate chain TP-self-signed-2411232691
certificate self-signed 01
3082023A 308201A3 A0030201 02020101 300D0609 2A864886
31312F30 2D060355 04031326 494F532D 53656C66 2D536967
69666963 6174652D 32343131 32333236 3931301E 170D3130
34315A17 0D323030 31303130 30303030 305A3031 312F302D
4F532D53 656C662D 5369676E 65642D43 65727469 66696361
33323639 3130819F 300D0609 2A864886 F70D0101 01050003
8100A646 4AFB480B 6F6C941B 3811CA5E 41FCF8F4 415BE608
C9806CD3 AE682B7A 17DDDF61 B5FCC64E 4B136C3F DDA9CC94
053801A0 9D13D848 EE03963D E150652B 53DE995A 5C83C72B
EF79DD93 13BFF98F 787CF0F3 F8FD5A95 6FDCC154 CD09385E
F5070203 010001A3 62306030 0F060355 1D130101 FF040530

F70D0101
6E65642D
30393031
06035504
74652D32
818D0030
3DB929AD
2AE5EB21
38197312
6C0BA23C
030101FF

04050030
43657274
32313031
03132649
34313132
81890281
9762BC2D
3F73980A
FD98CDAA
F149A31D
300D0603

551D1104 06300482
CED7A17E 4BB4A471
D7A17E4B B4A4713B
7F85E2D5 1220BB37
66C5ACF4 E94FB861
0086B6BF 7EBF5E2E
0F854A47 2097055F
quit

02523230
3B0279E3
0279E330
44E27C5A
BE53B5D4
D6788E76
B7C5426F

1F060355
301D0603
0D06092A
8678D5B9
8E1B2153
7046E44B
A1CF70F2

1D230418
551D0E04
864886F7
D18E2B55
6934A75C
ADBEA100
5B0CB420

30168014
160414B1
0D010104
407F94B1
09B26A42
514A19E7
08032F00

B1430383
430383A7
05000381
429A18D7
EEB9B026
AB69710F
2A0FC219

!
!
! Local accounts used by the AAA "local" method lists.
! Both use "password 0" (clear text) and values derived from the account name;
! admin01 has privilege 15. "username ... secret" stores a hash instead.
username admin01 privilege 15 password 0 admin01pass
! Configuration-change logging with keys hidden in the log.
! NOTE(review): this archive stanza appears twice in the listing - probably a
! paste or extraction duplicate; confirm against the device.
archive
log config
hidekeys
!
!
username VPNuser1 password 0 VPNuser1pass
archive
log config
hidekeys
!
!
! IKE phase 1 (ISAKMP) policies, pre-shared keys and the remote-access VPN group.
! Policies 10 and 30 show the same parameters: AES-256, pre-shared key, DH
! group 5, 3600 s lifetime. No hash line is shown, so the platform default
! applies (presumably SHA-1 on this release - confirm).
crypto isakmp policy 10
encr aes 256
authentication pre-share
group 5
lifetime 3600
!
crypto isakmp policy 30
encr aes 256
authentication pre-share
group 5
lifetime 3600
!
! Weakest policy in the set: 3DES, MD5 and DH group 2, with no lifetime line
! (default applies). While it is configured, a peer whose proposal matches only
! this policy can still negotiate it; remove it if no peer requires it.
crypto isakmp policy 40
encr 3des
hash md5
authentication pre-share
group 2
! The same short pre-shared key is used for both site-to-site peers and is
! shown in clear text; use a distinct, long random key per peer.
crypto isakmp key cisco123 address 10.1.1.1
crypto isakmp key cisco123 address 10.3.1.1
!
! Remote-access client group: group key (clear text), address pool and
! split-tunnel ACL 106.
! NOTE(review): no "ip local pool IPPOOL" definition appears in this listing.
crypto isakmp client configuration group VPN_ACCESS
key cisco12345
pool IPPOOL
acl 106
! Profile binding group VPN_ACCESS to the AAA lists: USERAUTHEN for user
! authentication, GROUPAUTHOR for group authorization.
crypto isakmp profile VPNCLIENT
match identity group VPN_ACCESS
client authentication list USERAUTHEN
isakmp authorization list GROUPAUTHOR
client configuration address respond
!
! IPsec phase 2: transform sets, the dynamic map for VPN clients and the static
! crypto maps for the site-to-site peers.
! Global SA lifetime is 1800 s; the static map entries below override it to 900 s.
crypto ipsec security-association lifetime seconds 1800
!
! Both transform sets are identical: ESP with AES-256 and SHA-1 HMAC.
crypto ipsec transform-set 50 esp-aes 256 esp-sha-hmac
crypto ipsec transform-set REMOTE-SET esp-aes 256 esp-sha-hmac
!
! Dynamic map for remote-access clients matched by profile VPNCLIENT.
crypto dynamic-map dynmap 10
set transform-set REMOTE-SET
set isakmp-profile VPNCLIENT

! NOTE(review): the seven hex fragments below are not IOS commands; they look
! like certificate bytes displaced from the "crypto pki certificate chain"
! section by page extraction.
A7181623
181623CE
81008334
2BF9EDE8
6FA3F1B8
34EE2530
ED1F

reverse-route
!
!
! CMAP is the only crypto map applied to an interface in this listing
! (Serial0/0/0). Entries 10 and 30 are site-to-site tunnels with PFS group 5;
! entry 65535 hands unmatched peers to the dynamic map.
crypto map CMAP 10 ipsec-isakmp
set peer 10.1.1.1
set security-association lifetime seconds 900
set transform-set 50
set pfs group5
match address 101
! NOTE(review): ACL 103 matches source 192.168.3.0/24, while the local LAN on
! FastEthernet0/0 is 192.168.2.0/24 and NAT ACL 100 exempts 192.168.2.0 ->
! 192.168.3.0. The crypto ACL may be mis-specified - confirm intended traffic.
crypto map CMAP 30 ipsec-isakmp
set peer 10.3.1.1
set security-association lifetime seconds 900
set transform-set 50
set pfs group5
match address 103
crypto map CMAP 65535 ipsec-isakmp dynamic dynmap
!
! CMAP2 and MAP1 are not attached to any interface shown here, and no
! "crypto isakmp key" entry for 200.10.3.1 is visible. They look like leftovers;
! unused crypto maps are worth removing so the active policy is unambiguous.
crypto map CMAP2 30 ipsec-isakmp
set peer 200.10.3.1
set security-association lifetime seconds 900
set transform-set 50
set pfs group5
match address 103
!
crypto map MAP1 65535 ipsec-isakmp dynamic dynmap
!
!
!
!
!
!
! Inside LAN interface: 192.168.2.0/24, NAT inside.
interface FastEthernet0/0
ip address 192.168.2.1 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
! Unused interface, administratively shut down.
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
! Outside (WAN) interface: primary 200.10.2.1/30 plus secondary 10.2.1.1/30,
! NAT outside, crypto map CMAP applied.
! No "ip access-group" is shown, so no inbound packet filter is configured on
! the outside interface in this listing.
interface Serial0/0/0
ip address 10.2.1.1 255.255.255.252 secondary
ip address 200.10.2.1 255.255.255.252
ip nat outside
ip virtual-reassembly
clock rate 64000
crypto map CMAP
!
! Unused interface, administratively shut down.
interface Serial0/0/1
no ip address
shutdown
clock rate 2000000
!
! Routing, management web server, NAT and access lists.
ip forward-protocol nd
! Default route out of the WAN interface.
ip route 0.0.0.0 0.0.0.0 Serial0/0/0
! Clear-text HTTP management is enabled alongside HTTPS. No "ip http
! access-class" or "ip http authentication" line is shown; if web management is
! needed, keep only the secure server and restrict its source addresses.
ip http server

ip http secure-server
!
!
! PAT: inside hosts matching ACL 100 are overloaded onto 200.10.2.1.
! NOTE(review): the pool netmask (255.255.255.240) differs from the /30 mask on
! Serial0/0/0 - confirm which is intended.
ip nat pool PUBLICA 200.10.2.1 200.10.2.1 netmask 255.255.255.240
ip nat inside source list 100 pool PUBLICA overload
!
! ACL 100: exempts LAN traffic to 192.168.1.0/24 and 192.168.3.0/24 from NAT
! so it can match the crypto ACLs; everything else is translated.
access-list 100 deny ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 100 deny ip 192.168.2.0 0.0.0.255 192.168.3.0 0.0.0.255
access-list 100 permit ip any any
! ACL 101: traffic protected by crypto map CMAP entry 10.
access-list 101 permit ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255
! ACLs 103 (crypto map entries 30) and 106 (VPN_ACCESS group) are identical.
! NOTE(review): their source, 192.168.3.0/24, is not the local LAN
! 192.168.2.0/24 - confirm these match the traffic meant to be tunnelled.
access-list 103 permit ip 192.168.3.0 0.0.0.255 192.168.102.0 0.0.0.255
access-list 106 permit ip 192.168.3.0 0.0.0.255 192.168.102.0 0.0.0.255
!
!
!
!
!
! Control plane and terminal lines.
control-plane
!
!
! The console, aux and VTY lines carry no sub-commands in this listing: no
! "transport input", "access-class" or "exec-timeout" is shown, so platform
! defaults apply. A hardened config restricts VTY access to SSH from known
! management addresses and sets an idle timeout.
! NOTE(review): no "aaa authentication login default" list is defined; confirm
! which login method these lines actually use under "aaa new-model".
line con 0
line aux 0
line vty 0 4
!
scheduler allocate 20000 1000
end
