7200 GRE (tunnel) +IPSEC (transfer mode +pre-share) configuration

Source: Internet
Author: User
Tags hmac

R6 Router GRE partial configuration


En

Config T

No IP domain-lookup

IP classless

IP Subnet-zero

Host R6

Interface Loopback 0

IP address 10.1.1.1 255.255.255.0


Interface Serial 1/2

IP address 173.16.1.1 255.255.255.252

No shutdown


int FA 2/0

IP addr 11.0.0.1 255.0.0.0

No shutdown


Interface Tunnel 0

IP unnumbered serial 1/2

Tunnel Source Serial 1/2

Tunnel Destination 173.16.1.2

No shut

Exit


IP Route 0.0.0.0 0.0.0.0 173.16.1.2

IP Route 10.2.2.0 255.255.255.0 tunnel0

End

Show IP route


R7

En

Config T

No IP domain-lookup

IP classless

IP Subnet-zero

Host R7


Interface Loopback0

IP addr 10.2.2.1 255.255.255.0


Interface Serial 1/5

IP addr 173.16.1.2 255.255.255.252

No shutdown


int FA 2/0

IP addr 12.0.0.1 255.0.0.0

No shut


Interface Tunnel0

IP unnumbered serial 1/5

Tunnel Source Serial 1/5

Tunnel Destination 173.16.1.1

No shut

Exit


IP Route 0.0.0.0 0.0.0.0 173.16.1.1

IP Route 10.1.1.0 255.255.255.0 tunnel0

IP Route 0.0.0.0 0.0.0.0 tunnel0

End

Show IP route

Config T

Router RIP

Ver 2

NET 12.0.0.0

NET 10.2.2.0

NET 173.16.1.0





R6 Router IPSec partial configuration

Conf t

Crypto ISAKMP Enable

Crypto ISAKMP Policy 10

Hash MD5

Authentication Pre-share

Encryption 3DES

Group 2

Exit


Crypto ISAKMP key cisco1234 Addrss 173.16.1.2


Crypto IPSec Transform-set CCSP esp-des Esp-md5-hmac

Mode transport

Exit


Access-list 101 Permit GRE host 173.16.1.1 host 173.16.1.2

Access-list 101 Permit GRE 11.0.0.0 0.255.255.255 12.0.0.0 0.255.255.255



Cyypto map Cisco IPSEC-ISKMP

Set Peer 173.16.1.2

Set Transform-set CCSP

Match Address 101

Exit


Interface Serial 1/2

Crypto map Cisco

No shut

End

show IP int Brief

Show IP route


R7 Router IPSec partial configuration


Config T

Crypto ISAKMP Enable

Crypto ISAKMP Policy 10

Hash MD5

Authentication Pre-share

Encryption 3DES

Group2

Exit


Crypto ISAKMP key cisco1234 address 173.16.1.1


Cypto IPSec Transform-set CCSP esp-des Esp-md5-hmac

Mode transport

Exit


Access-list 101 Permit GRE host 173.16.1.2 host 173.16.1.1

Access-list 101 Permit GRE 12.0.0.0 0.255.255.255 11.0.0.0 0.255.255.255


Crypto map Cisco IPSEC-ISAKMP

Set Peer 173.16.1.1

Set Transform-set CCSP

Match Address 101

Exit


Interface S1/5

Crypto map Cisco

No shut

End

show IP int Brief

Show IP route


This article is from the "Network Engineer" blog, please be sure to keep this source http://zhengfei.blog.51cto.com/1617522/1883530

7200 GRE (tunnel) +IPSEC (transfer mode +pre-share) configuration

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.