Documentos de Académico
Documentos de Profesional
Documentos de Cultura
VPN Ipsec Isakmap
VPN Ipsec Isakmap
-------------------------
1era fase
config)license boot module c1900 technology-package securityk9
config)yes
config)wr
config)reload
config)crypto isakmp policy 30
(config-isakmp)hash sha
(config-isakmp)encryption aes
(config-isakmp)authentication pre-share
(config-isakmp)group 5
(config-isakmp)exit
config)crypto isakmp key VPNCCNA4 address 200.29.27.18
2da fase
(config)#crypto ipsec transform-set Zamora esp-aes esp-sha-sh
(config)#crypto ipsec transform-set Zamora esp-aes esp-sha-hmac
(config)#ip access-list extended ACLZAMORA
(config-ext-nacl)#permit ip 172.18.20.0 0.0.0.255 192.168.20.0 0.0.0.15
-----------------fase dos--------------------------------------------
(config)# crypto map VPNSANTIAGO 20 ipsec-isakmap
(config-crypto-map)#match address ACLZAMORA
(config-crypto-map)#set transform-set Zamora
(config-crypto-map)#set peer 200.29.27.18
(config-crypto-map)#exit
(config)#int gi 0/0 -----para activar vpn Siempre interface que va hacia internet
(config-if)#crypto map VPNSANTIAGO----- para activar vpn
cry
difi helmat 1 , 2 o 5 en fase 2
--------------------------------------------------------------
Router sanbernardo