Create an IPsec VPN tunnel using Packet Tracer - CCNA Security
http://danscourses.com - Learn how to create an IPsec VPN tunnel on Cisco routers using the Cisco IOS CLI. CCNA security topic.
1. Starting configurations for R1, ISP, and R3. Paste to global config mode :
hostname R1
interface g0/1
ip address 192.168.1.1 255.255.255.0
no shut
interface g0/0
ip address 209.165.100.1 255.255.255.0
no shut
exit
ip route 0.0.0.0 0.0.0.0 209.165.100.2
hostname ISP
interface g0/1
ip address 209.165.200.2 255.255.255.0
no shut
interface g0/0
ip address 209.165.100.2 255.255.255.0
no shut
exit
hostname R3
interface g0/1
ip address 192.168.3.1 255.255.255.0
no shut
interface g0/0
ip address 209.165.200.1 255.255.255.0
no shut
exit
ip route 0.0.0.0 0.0.0.0 209.165.200.2
2. Make sure routers have the security license enabled:
license boot module c1900 technology-package securityk9
3. Configure IPsec on the routers at each end of the tunnel (R1 and R3)
!R1
crypto isakmp policy 10
encryption aes 256
authentication pre-share
group 5
!
crypto isakmp key secretkey address 209.165.200.1
!
crypto ipsec transform-set R1-R3 esp-aes 256 esp-sha-hmac
!
crypto map IPSEC-MAP 10 ipsec-isakmp
set peer 209.165.200.1
set pfs group5
set security-association lifetime seconds 86400
set transform-set R1-R3
match address 100
!
interface GigabitEthernet0/0
crypto map IPSEC-MAP
!
access-list 100 permit ip 192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255
!R3
crypto isakmp policy 10
encryption aes 256
authentication pre-share
group 5
!
crypto isakmp key secretkey address 209.165.100.1
!
crypto ipsec transform-set R3-R1 esp-aes 256 esp-sha-hmac
!
crypto map IPSEC-MAP 10 ipsec-isakmp
set peer 209.165.100.1
set pfs group5
set security-association lifetime seconds 86400
set transform-set R3-R1
match address 100
!
interface GigabitEthernet0/0
crypto map IPSEC-MAP
!
access-list 100 permit ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255
Видео Create an IPsec VPN tunnel using Packet Tracer - CCNA Security канала danscourses
1. Starting configurations for R1, ISP, and R3. Paste to global config mode :
hostname R1
interface g0/1
ip address 192.168.1.1 255.255.255.0
no shut
interface g0/0
ip address 209.165.100.1 255.255.255.0
no shut
exit
ip route 0.0.0.0 0.0.0.0 209.165.100.2
hostname ISP
interface g0/1
ip address 209.165.200.2 255.255.255.0
no shut
interface g0/0
ip address 209.165.100.2 255.255.255.0
no shut
exit
hostname R3
interface g0/1
ip address 192.168.3.1 255.255.255.0
no shut
interface g0/0
ip address 209.165.200.1 255.255.255.0
no shut
exit
ip route 0.0.0.0 0.0.0.0 209.165.200.2
2. Make sure routers have the security license enabled:
license boot module c1900 technology-package securityk9
3. Configure IPsec on the routers at each end of the tunnel (R1 and R3)
!R1
crypto isakmp policy 10
encryption aes 256
authentication pre-share
group 5
!
crypto isakmp key secretkey address 209.165.200.1
!
crypto ipsec transform-set R1-R3 esp-aes 256 esp-sha-hmac
!
crypto map IPSEC-MAP 10 ipsec-isakmp
set peer 209.165.200.1
set pfs group5
set security-association lifetime seconds 86400
set transform-set R1-R3
match address 100
!
interface GigabitEthernet0/0
crypto map IPSEC-MAP
!
access-list 100 permit ip 192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255
!R3
crypto isakmp policy 10
encryption aes 256
authentication pre-share
group 5
!
crypto isakmp key secretkey address 209.165.100.1
!
crypto ipsec transform-set R3-R1 esp-aes 256 esp-sha-hmac
!
crypto map IPSEC-MAP 10 ipsec-isakmp
set peer 209.165.100.1
set pfs group5
set security-association lifetime seconds 86400
set transform-set R3-R1
match address 100
!
interface GigabitEthernet0/0
crypto map IPSEC-MAP
!
access-list 100 permit ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255
Видео Create an IPsec VPN tunnel using Packet Tracer - CCNA Security канала danscourses
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
![What is IPSec?](https://i.ytimg.com/vi/tuDVWQOG0C0/default.jpg)
![GRE over IP Tunnel in Packet Tracer](https://i.ytimg.com/vi/FyQSOAevcyk/default.jpg)
![How to Configure VPN Remote Access+IPsec on Cisco Router_Full Video](https://i.ytimg.com/vi/SYGdxsDApyM/default.jpg)
![Site to Site VPN with IP Sec on Cisco Router](https://i.ytimg.com/vi/oamO3tfDUNE/default.jpg)
![Creating simple VPN using Cisco Packet Tracer in 10 minutes](https://i.ytimg.com/vi/uQbe-Kr1RWA/default.jpg)
![IPsec VPN Introduction - Video By Sikandar Shaik || Dual CCIE (RS/SP) # 35012](https://i.ytimg.com/vi/rxKbqR_jzVA/default.jpg)
![CCNA Security Lab 9.3.1.1: Configuring ASA Basic Settings and Firewall Using CLI](https://i.ytimg.com/vi/Jni0aQZY33Y/default.jpg)
![Understanding AH vs ESP and ISKAKMP vs IPSec in VPN tunnels](https://i.ytimg.com/vi/rwu8__GG_rw/default.jpg)
![Understanding Cisco SSL VPN vs IPSec VPN](https://i.ytimg.com/vi/F9Jt14PWm3U/default.jpg)
![Dynamic Multipoint VPN - Video By Sikandar Shaik || Dual CCIE (RS/SP) # 35012](https://i.ytimg.com/vi/ObIogLQARQA/default.jpg)
![Easy to Configure VPN Site to Site+IPsec on Cisco Router Full Video](https://i.ytimg.com/vi/Ha-8WSBArCA/default.jpg)
![NAT basics for beginners CCNA - Part 1](https://i.ytimg.com/vi/dUfKR2wC1Y4/default.jpg)
![GRE Tunnel Theory and Configuration](https://i.ytimg.com/vi/ZAFl4etjXs4/default.jpg)
![Site to Site VPNs for CCNAs](https://i.ytimg.com/vi/-hoKtNauHjI/default.jpg)
![Virtual Private Network (VPN) | Cisco CCNA 200-301](https://i.ytimg.com/vi/CtkyN0XqUj4/default.jpg)
![035 IPsec VPN Overview](https://i.ytimg.com/vi/ikSybz2e2RU/default.jpg)
![CCIE Routing & Switching version 5: IPsec- IKE phase 1](https://i.ytimg.com/vi/EXilMKzrEXs/default.jpg)
![Configuring ASA 5505 Security Policy, IPsec VPN, DHCP, NAT, SSH, NTP, Practice Lab](https://i.ytimg.com/vi/c0rrZCUDJzc/default.jpg)
![MicroNugget: IPsec Site to Site VPN Tunnels Explained | CBT Nuggets](https://i.ytimg.com/vi/CuxyZiSCSfc/default.jpg)