VPN Cisco IPSec IP安全虚拟专网的实现

VPNCisco IPSec

一、实验拓扑：

二、实验要求：

保证两个站点的路由没问题。

在站点A与站点B间配置VPN，保障企业的网络通过互联网连接起来。 三、实验的配置： R1的全部配置： r1#show running-config

Building configuration... Current configuration : 597 bytes !

version 12.4

no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption !

hostname r1 ! ! ! ! ! ! ! ! ! ! ! ! ! !

spanning-tree mode pvst ! ! !

!

interface FastEthernet0/0

ip address 192.168.2.3 255.255.255.0 duplex auto speed auto !

interface FastEthernet0/1

ip address 192.168.0.1 255.255.255.0 duplex auto speed auto !

interface Vlan1 no ip address shutdown !

ip classless

ip route 192.168.1.0 255.255.255.0 192.168.2.1 ip route 0.0.0.0 0.0.0.0 192.168.2.1 ! ! ! ! ! ! ! line con 0 !

line aux 0 !

line vty 0 4 login ! ! ! end

siteA的全部配置: siteA# show running-config Building configuration... Current configuration : 1184 bytes !

version 12.4

no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption !

hostname siteA ! ! ! ! ! ! ! !

crypto isakmp policy 10 encr 3des hash md5

authentication pre-share group 2 !

crypto isakmp key cisco address 61.128.1.1 ! !

crypto ipsec transform-set cisco esp-3des esp-md5-hmac !

crypto map map 10 ipsec-isakmp set peer 61.128.1.1 set transform-set cisco match address vpn ! ! ! ! !

spanning-tree mode pvst ! ! ! !

interface FastEthernet0/0

ip address 192.168.2.1 255.255.255.0

本文来源：https://www.bwwdw.com/article/kre2.html