Home > Cloud Computing > Cloud Security

Netscreen and Cisco run OSPF

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Topology:

650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131227/09314U356-0.png "title =" 1.PNG" alt = "161150555.png"/>

ISP Configuration:

Int e0/0

Ip add 200.1.1.1 255.255.255.0

No sh

Int e0/1

Ip add 200.1.2.1 255.255.255.0

No sh


Netscreen Cconfiguration:



Set zone name y1 set interface "loopback.1" zone "Home" set interface "loopback.2" zone "Home" set interface "loopback.3" zone "Home" set interface ethernet3 ip 200.1.1.2/24 set interface loopback.1 ip 192.168.1.1/24 set interface loopback.2 ip 192.168.2.1/24 set interface 255.ip 192.168.3.1/24 set int tun.1 zone y1set interface tunnel.1 ip 192.168.100.1/24 set interface ethernet3 ip manageableset interface loopback.1 ip manageableset interface loopback.2 ip manageableset interface specified ip manageableset address "Home" "192.168.1.0" 192.168.1.0 255.255.255.0set address "Home" "192.168.2.0" 192.168.2.0 255.255.255.0set address "Home" "192.168.3.0" 192.168.3.0 255.255.255.0set address "y1" 192.168.4.0 ""192.168.4.0 255.255.255.0set address" y1 "" 192.168.5.0 "192.168.5.0 255.255.255.0set address" y1 "" 192.168.6.0 "192.168.6.0 255.255.255.0set group address" Home "" zongbu "set group address" Home "zongbu" add" 192.168.1.0 "set group address" Home "" zongbu "add" 192.168.2.0 "set group address" Home "" zongbu "add" 192.168.3.0 "set group address" y1 "y1-add" set group address "y1" "y1-add" add "192.168.4.0" set group address "y1" "y1-add" add "192.168.5.0" set group address "y1" y1-add "add" 192.168.6.0 "set ike gateway" to-y1 "address 200.1.2.2 Main outgoing-interface" ethernet3 "preshare" leading/qc9NEA = "proposal" pre-g2-3des-md5 "set vpn" y1 "gateway" to-y1 "no-replay tunnel idletime 0 proposal" g2-esp-3des-md5 "set vpn" y1 "id 0x2 bind interface tunnel.1set policy id 6 from" Home "to" y1 "" zongbu "y1-add" "ANY" permit set policy id 5 from "y1" to "Home" "y1-add" "zongbu" "ANY" permit set router-id 1.1.1.1set route 0.0.0.0/0 gateway 200.1.1.1set interface loopback.1 protocol ospf area 0.0.0.0set interface loopbackproto.1 ospf enableset interface loopback.2 protocol ospf area protocol interface loopback.2 protocol ospf enableset interface loopback.3 protocol ospf area 0.0.0.0set interface loopback.3 protocol ospf enableset interface tunnel.1 protocol ospf area 0.0.0.0set interface tunnel.1 protocol ospf enable




CISCO configuration: crypto isakmp policy 10 encr 3des hash md5 authentication pre-share group 2 crypto isakmp key cisco address 200.1.1.2! ! Crypto ipsec transform-set cisco esp-3des esp-md5-hmac! Crypto ipsec profile ipsecprof set transform-set cisco! Interface Loopback0 ip address 192.168.4.1 255.255.255.0 ip ospf 110 area 0! Interface Loopback1 ip address 192.168.5.1 255.255.255.0 ip ospf 110 area 0! Interface Loopback2 ip address 192.168.6.1 255.255.255.0 ip ospf 110 area 0! Interface Tunnel0 ip address 192.168.100.2 255.255.0 ip ospf 110 area 0 tunnel source 200.1.2.2 tunnel destination 200.1.1.2 tunnel mode ipsec ipv4 tunnel protection ipsec profile ipsecprof! Interface Ethernet0/0 ip address 200.1.2.2 255.255.255.0router ospf 110 log-adjacency-changesip route 0.0.0.0 0.0.0.0 200.1.2.1


650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131227/09314Uc3-1.png "title =" 2.PNG" alt = "161708106.png"/>

650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131227/09314QD8-2.png "title =" 3.PNG" alt = "161721107.png"/>


This article is from the "Cisco, zhanbo, Huawei" blog, please be sure to keep this source http://rujinfeng.blog.51cto.com/2712746/1303484

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More