8.8 无固定IPSEC场景-主模式

1.无固定IP场景-主模式(R1和R3都不固定IP)

图片[1]-8.8 无固定IPSEC场景-主模式-大赛人网

1)R1(基础配置同上)

#ike proposal配置
ike proposal 5
 encryption-algorithm aes-cbc-128

#ike local-name配置
ike local-name www.dsrw.cn

#ike peer配置
ike peer R3 v1
#主模式
exchange-mode main
 pre-shared-key cipher huawei
 ike-proposal 5
 local-id-type name
 remote-address www.dsrw.com

#ipsec proposal配置
ipsec proposal pps1
 transform ah-esp
 ah authentication-algorithm sha1
 esp authentication-algorithm sha1
 esp encryption-algorithm aes-128

#ipsec policy配置
ipsec policy pl01 10 isakmp
 security acl 3001
 ike-peer R3
 proposal pps1

#接口应用
interface GigabitEthernet0/0/0
 ipsec policy pl01

2)R3(基础配置同上)

#ike proposal配置
ike proposal 5
 encryption-algorithm aes-cbc-128

#ike local-name配置
ike local-name www.dsrw.com

#ike peer配置
ike peer R1 v1
#主模式
exchange-mode main
 pre-shared-key cipher huawei
 ike-proposal 5
 local-id-type name
 remote-address www.dsrw.cn

#ipsec proposal配置
ipsec proposal pps1
 transform ah-esp
 ah authentication-algorithm sha1
 esp authentication-algorithm sha1
 esp encryption-algorithm aes-128

#ipsec policy配置
ipsec policy pl01 10 isakmp
 security acl 3001
 ike-peer R1
 proposal pps1

#接口应用
interface GigabitEthernet0/0/0
 ipsec policy pl01
© 版权声明
THE END
喜欢就支持一下吧
点赞6 分享
评论 抢沙发
头像
欢迎您留下宝贵的见解!
提交
头像

昵称

取消
昵称

    请登录后查看评论内容