Cisco VPN Site To Site

This is a GNS lab environnement


Site A

crypto isakmp policy 10
encr 3des
authentication pre-share
group 2
lifetime 900
crypto isakmp key 2mpi4axiz2i3oopHY3i2os2jysktun7Duei9by4zi address 13.13.13.2 no-xauth
!
!
crypto ipsec transform-set SHA-3DES esp-3des esp-sha-hmac
!
crypto map cm_adsl 42 ipsec-isakmp
set peer 13.13.13.2
set transform-set SHA-3DES
match address 100
!
!
!
interface FastEthernet0/0
ip address 12.12.12.2 255.255.255.0
ip nat outside
ip virtual-reassembly
speed 100
full-duplex
crypto map cm_adsl
!
!
interface FastEthernet0/1
ip address 192.168.30.1 255.255.255.0
ip nat inside
ip virtual-reassembly
speed 100
full-duplex
!
ip nat inside source route-map nonat interface FastEthernet0/0 overload
!
access-list 100 permit ip 192.168.30.0 0.0.0.255 192.168.20.0 0.0.0.255
access-list 130 deny ip 192.168.30.0 0.0.0.255 192.168.20.0 0.0.0.255
access-list 130 permit ip 192.168.30.0 0.0.0.255 any
!
!
route-map nonat permit 10
match ip address 130
!
!

Site B

crypto isakmp policy 10
encr 3des
authentication pre-share
group 2
lifetime 900
crypto isakmp key 2mpi4axiz2i3oopHY3i2os2jysktun7Duei9by4zi address 12.12.12.2 no-xauth
!
!
crypto ipsec transform-set SHA-3DES esp-3des esp-sha-hmac
!
crypto map cm_adsl 42 ipsec-isakmp
set peer 12.12.12.2
set transform-set SHA-3DES
match address 100
!


!
!
interface FastEthernet0/0
ip address 13.13.13.2 255.255.255.0
ip nat outside
ip virtual-reassembly
speed 100
full-duplex
crypto map cm_adsl
!
interface Serial0/0
no ip address
shutdown
clock rate 2000000
!
interface FastEthernet0/1
ip address 192.168.20.1 255.255.255.0
ip nat inside
ip virtual-reassembly
speed 100
full-duplex
!
!
ip route 0.0.0.0 0.0.0.0 13.13.13.1
!
!
ip nat inside source route-map nonat interface FastEthernet0/0 overload
!
access-list 100 permit ip 192.168.20.0 0.0.0.255 192.168.30.0 0.0.0.255
access-list 130 deny ip 192.168.20.0 0.0.0.255 192.168.30.0 0.0.0.255
access-list 130 permit ip 192.168.20.0 0.0.0.255 any
!
!
!
route-map nonat permit 10
match ip address 130
!
!

Advertisements
This entry was posted in LAB, Router and tagged , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s