Objective:
IPSec (internetprotocolsecurity) is an open standard framework structure and a long-term direction for secure networking. It provides proactive protection through end-to-end security to prevent private network and internet attacks. In communications, only the sender and receiver are the only computers that must understand IPSEC protection. Secure and secure communication between workgroups, local area network computers, domain clients and servers, branch offices (physically remote institutions), extranets, and roaming clients by using encrypted security services.
Test environment:
Here we use a s3526 switch to simulate Internet two quidway S2403h-hi switches as LAN connection devices
Two 192.168.1.0 and 192.168.2.0 network segments connected by firewall on both sides respectively
Achieving cheap connectivity using VPN technology
IPSec technology is used between two firewalls to allow two of LANs to communicate securely
Experimental purposes:
The interconnection of the LAN between 192.168.1.0 and 192.168.2.0 segments is achieved by setting up IPSec on the tunnel.
Configuration of the S3526 switch (analog Internet)
<quidway>system-view
[Quidway]sysname ISP
Creating VLANs and adding ports to the VLAN
[Isp]vlan 10
[Isp-vlan10]port E0/10
[Isp-vlan10]vlan 20
[Isp-vlan20]port E0/20
Configure interface addresses
[Isp-vlan20]int VLAN 10
[Isp-vlan-interface10]ip Add 61.130.130.2 255.255.255.0
[Isp-vlan-interface10]int Vlan 20
[Isp-vlan-interface20]ip Add 61.130.132.2 255.255.255.0
[Isp-vlan-interface20]dis IP routing-table View routing table