[IMG][/IMG]
ابي شرح لل configuration لهذا اللاب
هذه configuration للراوترات
R1
كود PHP:
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
!
!
!
!
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp key cisco123 address 192.168.1.2
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-aes
!
crypto map SDM_CMAP_1 1 ipsec-isakmp
description Tunnel to192.168.1.2
set peer 192.168.1.2
set transform-set ESP-3DES-SHA
match address test1
!
!
!
!
interface Loopback0
ip address 10.0.0.1 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.1.1 255.255.255.0
duplex auto
speed auto
crypto map SDM_CMAP_1
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
ip forward-protocol nd
ip route 10.0.0.2 255.255.255.255 192.168.1.2
!
!
no ip http server
no ip http secure-server
!
ip access-list extended test1
permit ip host 10.0.0.1 host 10.0.0.2
!
وهذه لل R2
كود PHP:
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
!
!
!
!
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp key cisco123 address 192.168.1.1
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-aes
!
crypto map SDM_CMAP_1 1 ipsec-isakmp
description Tunnel to192.168.1.1
set peer 192.168.1.1
set transform-set ESP-3DES-SHA
match address test1
!
!
!
!
interface Loopback0
ip address 10.0.0.2 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.1.2 255.255.255.0
duplex auto
speed auto
crypto map SDM_CMAP_1
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
ip forward-protocol nd
ip route 10.0.0.1 255.255.255.255 192.168.1.1
!
!
no ip http server
no ip http secure-server
!
ip access-list extended test1
permit ip host 10.0.0.2 host 10.0.0.1
!
!
!
اريد الشرح ابتداء من crypto isakmp policy 1 أتمنى منكم المساعدة وشكرا
المفضلات