拓扑图如下:图中R2和R4充当内网下的客户机,指定默认网关,首先完成R1、R2、R3和R4的基础配置。在R1和R3之间通过Tunnel来建立×××,在R1、ISP和R3上启用OSPF路由协议。发下是×
.
拓扑图如下:
图中R2和R4充当内网下的客户机,指定默认网关,首先完成R1、R2、R3和R4的基础配置。
在R1和R3之间通过Tunnel来建立×××,在R1、ISP和R3上启用OSPF路由协议。
发下是×××部分的配置:
R1:
conf tint tunnel 0ip add 1.1.1.1 255.255.255.252tunnel source 100.1.1.1tunnel destination 200.1.1.1no shutexitcrypto isakmp enablecrypto isakmp policy 1encryption aeshash shagroup 2authentication pre-shareexitcrypto isakmp key 6 IPSEC-TUNNEL address 200.1.1.1access-list 100 permit gre host 1.1.1.1 host 1.1.1.2access-list 100 permit ip 10.1.1.0 0.0.0.3 192.168.1.0 0.0.0.255crypto ipsec transform-set myset ah-md5-hmac esp-sha-hmac esp-aesmode tunnelexitcrypto map mymap 1 ipsec-isakmpmatch address 100set transform-set mysetset peer 200.1.1.1exitint tunnel 0crypto map mymapint e0/1crypto map mymapend
R3:
conf tint tunnel 0ip add 1.1.1.2 255.255.255.252tunnel source 200.1.1.1tunnel destination 100.1.1.1no shutexitcrypto isakmp enablecrypto isakmp policy 1encryption aeshash shagroup 2authentication pre-shareexitcrypto isakmp key 6 IPSEC-TUNNEL address 100.1.1.1access-list 100 permit gre host 1.1.1.2 host 1.1.1.1access-list 100 permit ip 192.168.1.0 0.0.0.255 10.1.1.0 0.0.0.3crypto ipsec transform-set myset ah-md5-hmac esp-sha-hmac esp-aesmode tunnelexitcrypto map mymap 1 ipsec-isakmpmatch address 100set transform-set mysetset peer 100.1.1.1exitint tunnel 0crypto map mymapint e0/0crypto map mymapend