GRE IPSec OSPF-wfeng520-ChinaUnix博客

华为技术cisco3550.blog.chinaunix.net

首页　| 　博文目录　| 　关于我

wfeng520

博客访问： 1290282
博文数量： 464
博客积分： 9399
博客等级：中将
技术积分： 6364
用户组：普通用户
注册时间： 2011-02-19 09:15

文章分类

全部博文（464）

未分配的博文（464）

文章存档

2014年（12）

2013年（123）

2012年（173）

2011年（156）

我的朋友

小尾巴鱼

最近访客

推荐博文

GRE IPSec OSPF

分类：

2012-07-12 12:58:40

拓扑：
Router1 F0/0 （192.168.12.1、24） <----> Router2 F0/0 （192.168.12.2、24）
Router2 F0/1 （192.168.23.2、24）<----> Router3 F0/1 （192.168.23.3、24）

配置代码：
r1#sho run
Building configuration...

Current configuration : 1340 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname r1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
subnet-zero
!
!
ip cef
no ip domain lookup
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
crypto isakmp policy 10
hash md5
authentication pre-share
lifetime 5000
crypto isakmp key cisco address 192.168.23.3
!
!
crypto ipsec transform-set ccsp ah-md5-hmac esp-des
mode transport
!
crypto map cisco 10 ipsec-isakmp
set peer 192.168.23.3
set transform-set ccsp
match address 100
!
!
!
!
Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface Tunnel0
ip address 172.16.1.1 255.255.255.0
tunnel source 192.168.12.1
tunnel destination 192.168.23.3
!
interface FastEthernet0/0
ip address 192.168.12.1 255.255.255.0
duplex auto
speed auto
crypto map cisco
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
router ospf 100
router-id 1.1.1.1
log-adjacency-changes
network 1.1.1.0 0.0.0.255 area 0
network 172.16.1.0 0.0.0.255 area 0
!
ip http server
no ip http secure-server
ip classless
ip route 192.168.23.0 255.255.255.0 192.168.12.2
!
!
access-list 100 permit ip host 192.168.12.1 host 192.168.23.3
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
!
end

r2#sho run
Building configuration...

Current configuration : 678 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname r2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip subnet-zero
!
!
ip cef
no ip domain lookup
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 2.2.2.2 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.12.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.23.2 255.255.255.0
duplex auto
speed auto
!
ip http server
no ip http secure-server
ip classless
!
!
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
!
end

r3#sho run
Building configuration...

Current configuration : 1437 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname r3
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip subnet-zero
!
!
ip cef
no ip domain lookup
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
crypto isakmp policy 10
hash md5
authentication pre-share
lifetime 5000
crypto isakmp key cisco address 192.168.12.1
!
!
crypto ipsec transform-set ccsp ah-md5-hmac esp-des
mode transport
!
crypto map cisco 10 ipsec-isakmp
set peer 192.168.12.1
set transform-set ccsp
match address 100
!
!
!
!
interface Loopback0
ip address 3.3.3.3 255.255.255.0
!
interface Loopback1
ip address 33.33.33.33 255.255.255.0
!
interface Tunnel0
ip address 172.16.1.2 255.255.255.0
tunnel source 192.168.23.3
tunnel destination 192.168.12.1
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.23.3 255.255.255.0
duplex auto
speed auto
crypto map cisco
!
router ospf 100
router-id 3.3.3.3
log-adjacency-changes
network 3.3.3.0 0.0.0.255 area 0
network 33.33.33.0 0.0.0.255 area 0
network 172.16.1.0 0.0.0.255 area 0
!
ip http server
no ip http secure-server
ip classless
ip route 192.168.12.0 255.255.255.0 192.168.23.2
!
!
access-list 100 permit ip host 192.168.23.3 host 192.168.12.1
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
!
end

拓扑：
Router1 F0/0 （192.168.12.1、24） <----> Router2 F0/0 （192.168.12.2、24）
Router2 F0/1 （192.168.23.2、24）<----> Router3 F0/1 （192.168.23.3、24）

配置代码：
r1#sho run
Building configuration...

Current configuration : 1340 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname r1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
subnet-zero
!
!
ip cef
no ip domain lookup
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
crypto isakmp policy 10
hash md5
authentication pre-share
lifetime 5000
crypto isakmp key cisco address 192.168.23.3
!
!
crypto ipsec transform-set ccsp ah-md5-hmac esp-des
mode transport
!
crypto map cisco 10 ipsec-isakmp
set peer 192.168.23.3
set transform-set ccsp
match address 100
!
!
!
!
Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface Tunnel0
ip address 172.16.1.1 255.255.255.0
tunnel source 192.168.12.1
tunnel destination 192.168.23.3
!
interface FastEthernet0/0
ip address 192.168.12.1 255.255.255.0
duplex auto
speed auto
crypto map cisco
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
router ospf 100
router-id 1.1.1.1
log-adjacency-changes
network 1.1.1.0 0.0.0.255 area 0
network 172.16.1.0 0.0.0.255 area 0
!
ip http server
no ip http secure-server
ip classless
ip route 192.168.23.0 255.255.255.0 192.168.12.2
!
!
access-list 100 permit ip host 192.168.12.1 host 192.168.23.3
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
!
end

r2#sho run
Building configuration...

Current configuration : 678 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname r2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip subnet-zero
!
!
ip cef
no ip domain lookup
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 2.2.2.2 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.12.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.23.2 255.255.255.0
duplex auto
speed auto
!
ip http server
no ip http secure-server
ip classless
!
!
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
!
end

r3#sho run
Building configuration...

Current configuration : 1437 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname r3
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip subnet-zero
!
!
ip cef
no ip domain lookup
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
crypto isakmp policy 10
hash md5
authentication pre-share
lifetime 5000
crypto isakmp key cisco address 192.168.12.1
!
!
crypto ipsec transform-set ccsp ah-md5-hmac esp-des
mode transport
!
crypto map cisco 10 ipsec-isakmp
set peer 192.168.12.1
set transform-set ccsp
match address 100
!
!
!
!
interface Loopback0
ip address 3.3.3.3 255.255.255.0
!
interface Loopback1
ip address 33.33.33.33 255.255.255.0
!
interface Tunnel0
ip address 172.16.1.2 255.255.255.0
tunnel source 192.168.23.3
tunnel destination 192.168.12.1
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.23.3 255.255.255.0
duplex auto
speed auto
crypto map cisco
!
router ospf 100
router-id 3.3.3.3
log-adjacency-changes
network 3.3.3.0 0.0.0.255 area 0
network 33.33.33.0 0.0.0.255 area 0
network 172.16.1.0 0.0.0.255 area 0
!
ip http server
no ip http secure-server
ip classless
ip route 192.168.12.0 255.255.255.0 192.168.23.2
!
!
access-list 100 permit ip host 192.168.23.3 host 192.168.12.1
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
!
end

阅读(511) | 评论(0) | 转发(0) |

上一篇：DHCP 基本配置

下一篇：Oracle 减少控制文件的个数

给主人留下些什么吧！~~

感谢所有关心和支持过ChinaUnix的朋友们

16024965号-6