收藏
下载资源下载资源 加入VIP,免费下载

VPN的配置实例1.docx

上传人:b****4 文档编号:2945514 上传时间:2022-11-16 格式:DOCX 页数:7 大小:25.35KB
下载 相关 举报
VPN的配置实例1.docx_第1页
第1页 / 共7页
VPN的配置实例1.docx_第2页
第2页 / 共7页
VPN的配置实例1.docx_第3页
第3页 / 共7页
VPN的配置实例1.docx_第4页
第4页 / 共7页
VPN的配置实例1.docx_第5页
第5页 / 共7页
点击查看更多>>
下载资源
资源描述

VPN的配置实例1.docx

《VPN的配置实例1.docx》由会员分享,可在线阅读,更多相关《VPN的配置实例1.docx(7页珍藏版)》请在冰豆网上搜索。

VPN的配置实例1.docx

VPN的配置实例1

一、Pix-Pix

PIXCentral

Buildingconfiguration...

:

Saved

:

PIXVersion6.3(3)

interfaceethernet0auto

interfaceethernet1auto

nameifethernet0outsidesecurity0

nameifethernet1insidesecurity100

enablepassword8Ry2YjIyt7RRXU24encrypted

passwd2KFQnbNIdI.2KYOUencrypted

hostnamepix-central

fixupprotocoldnsmaximum-length512

fixupprotocolftp21

fixupprotocolh323h2251720

fixupprotocolh323ras1718-1719

fixupprotocolhttp80

fixupprotocolrsh514

fixupprotocolrtsp554

fixupprotocolsip5060

fixupprotocolsipudp5060

fixupprotocolskinny2000

fixupprotocolsmtp25

fixupprotocolsqlnet1521

fixupprotocoltftp69

names

!

---ThisistraffictoPIX2.

access-list120permitip10.1.1.0255.255.255.010.2.2.0255.255.255.0

!

---ThisistraffictoPIX3.

access-list130permitip10.1.1.0255.255.255.010.3.3.0255.255.255.0

!

---DonotdoNetworkAddressTranslation(NAT)ontraffictootherPIXes.

access-list100permitip10.1.1.0255.255.255.010.2.2.0255.255.255.0

access-list100permitip10.1.1.0255.255.255.010.3.3.0255.255.255.0

pagerlines24

loggingon

mtuoutside1500

mtuinside1500

ipaddressoutside172.18.124.153255.255.255.0

ipaddressinside10.1.1.1255.255.255.0

ipauditinfoactionalarm

ipauditattackactionalarm

pdmhistoryenable

arptimeout14400

!

---DonotdoNATontraffictootherPIXes.

nat(inside)0access-list100

routeoutside0.0.0.00.0.0.0172.18.124.11

timeoutxlate3:

00:

00

timeoutconn1:

00:

00half-closed0:

10:

00udp0:

02:

00rpc0:

10:

00h2251:

00:

00

timeouth3230:

05:

00mgcp0:

05:

00sip0:

30:

00sip_media0:

02:

00

timeoutuauth0:

05:

00absolute

aaa-serverTACACS+protocoltacacs+

aaa-serverRADIUSprotocolradius

aaa-serverLOCALprotocollocal

nosnmp-serverlocation

nosnmp-servercontact

snmp-servercommunitypublic

snmp-serverenabletraps

floodguardenable

sysoptconnectionpermit-ipsec

cryptoipsectransform-setmysetesp-desesp-md5-hmac

!

---ThisistraffictoPIX2.

cryptomapnewmap20ipsec-isakmp

cryptomapnewmap20matchaddress120

cryptomapnewmap20setpeer172.18.124.154

cryptomapnewmap20settransform-setmyset

!

---ThisistraffictoPIX3.

cryptomapnewmap30ipsec-isakmp

cryptomapnewmap30matchaddress130

cryptomapnewmap30setpeer172.18.124.157

cryptomapnewmap30settransform-setmyset

cryptomapnewmapinterfaceoutside应用MAP到outside

isakmpenableoutside开启IKE

isakmpkey********address172.18.124.154netmask255.255.255.255

no-xauthno-config-mode

isakmpkey********address172.18.124.157netmask255.255.255.255

no-xauthno-config-mode

isakmpidentityaddress

isakmppolicy10authenticationpre-share

isakmppolicy10encryptiondes

isakmppolicy10hashmd5

isakmppolicy10group1

isakmppolicy10lifetime1000

telnettimeout5

sshtimeout5

consoletimeout0

terminalwidth80

Cryptochecksum:

d41d8cd98f00b204eecf8427e

:

end

PIX2

Buildingconfiguration...

:

Saved

:

PIXVersion6.3(3)

interfaceethernet0auto

interfaceethernet1auto

nameifethernet0outsidesecurity0

nameifethernet1insidesecurity100

enablepassword8Ry2YjIyt7RRXU24encrypted

passwd2KFQnbNIdI.2KYOUencrypted

hostnamepix2

fixupprotocoldnsmaximum-length512

fixupprotocolftp21

fixupprotocolh323h2251720

fixupprotocolh323ras1718-1719

fixupprotocolhttp80

fixupprotocolrsh514

fixupprotocolrtsp554

fixupprotocolsip5060

fixupprotocolsipudp5060

fixupprotocolskinny2000

fixupprotocolsmtp25

fixupprotocolsqlnet1521

fixupprotocoltftp69

names

!

---ThisistraffictoPIXCentral.

access-list110permitip10.2.2.0255.255.255.010.1.1.0255.255.255.0

!

---DonotdoNATontraffictoPIXCentral.

access-list100permitip10.2.2.0255.255.255.010.1.1.0255.255.255.0

pagerlines24

loggingon

mtuoutside1500

mtuinside1500

ipaddressoutside172.18.124.154255.255.255.0

ipaddressinside10.2.2.1255.255.255.0

ipauditinfoactionalarm

ipauditattackactionalarm

nofailover

failovertimeout0:

00:

00

failoverpoll15

nofailoveripaddressoutside

nofailoveripaddressinside

pdmhistoryenable

arptimeout14400

!

---DonotdoNATontraffictoPIXCentral.

nat(inside)0access-list100

routeoutside0.0.0.00.0.0.0172.18.124.11

aaa-serverTACACS+protocoltacacs+

aaa-serverRADIUSprotocolradius

aaa-serverLOCALprotocollocal

nosnmp-serverlocation

nosnmp-servercontact

snmp-servercommunitypublic

nosnmp-serverenabletraps

floodguardenable

sysoptconnectionpermit-ipsec

cryptoipsectransform-setmysetesp-desesp-md5-hmac

!

---ThisistraffictoPIXCentral.

cryptomapnewmap10ipsec-isakmp

cryptomapnewmap10matchaddress110

cryptomapnewmap10setpeer172.18.124.153

cryptomapnewmap10settransform-setmyset

cryptomapnewmapinterfaceoutside

isakmpenableoutside

isakmpkey********address172.18

展开阅读全文
相关资源
猜你喜欢
相关搜索

当前位置:首页 > 医药卫生 > 基础医学

copyright@ 2008-2022 冰豆网网站版权所有

经营许可证编号:鄂ICP备2022015515号-1