Sample of NetVanta 2054 Site to Site or IPSec VPN
!
! Global settings for the sample: clock, DNS, logging, firewall ALGs and
! the DHCP pool served to the inside LAN.
clock timezone -6-Central-Time
!
ip subnet-zero
ip classless
ip domain-proxy
! NOTE(review): this domain name looks like an ISP-assigned suffix left over
! from the unit the sample was captured on; confirm it is intended.
ip domain-name "hsd1.il.comcast.net."
! 192.168.11.1 is this unit's own vlan 1 address (see "interface vlan 1").
ip name-server 192.168.11.1 4.2.2.1
ip routing
!
! Events are kept in the local event history only: forwarding and email
! delivery are both switched off below, so the "log" keywords on the access
! lists leave no off-box record. Forwarding to a central log collector is
! what lets admin-access, RDP and VPN events survive a compromise or reboot.
event-history on
no logging forwarding
logging forwarding priority-level info
no logging email
logging email priority-level info
!
!
! Firewall session timeout for Telnet is raised to 28800 (presumably seconds,
! i.e. 8 hours; confirm). Long idle timeouts keep abandoned admin sessions
! alive, which matters here because Telnet is permitted from the outside.
ip policy-timeout tcp telnet 28800
!
! Stateful firewall on; the H.323 ALG is disabled and the SIP ALG is enabled.
ip firewall
no ip firewall alg h323
ip firewall alg sip
!
!
!
!
!
! Addresses kept out of the pool: .0 to .2 and .255. Of these, .1 is the
! unit's vlan 1 address and .2 is the inside host that receives forwarded
! TCP 3389 (see "nat destination list web-acl-9").
ip dhcp-server excluded-address 192.168.11.0 192.168.11.2
ip dhcp-server excluded-address 192.168.11.255
!
ip dhcp-server pool "Private"
network 192.168.11.0 255.255.255.0
domain-name "ah2054"
! NOTE(review): 192.168.2.1 is outside the 192.168.11.0/24 pool network and
! differs from the 192.168.11.1 used in "ip name-server"; possibly a typo.
dns-server 192.168.2.1 4.2.2.1
netbios-node-type h-node
default-router 192.168.11.1
!
! IPsec site-to-site tunnel to peer x.x.129.37: IKE policy 102, transform
! set, and crypto map VPN entry 30.
ip crypto
!
! IKE phase 1. The unit initiates in main mode, but "respond anymode" also
! accepts aggressive-mode negotiation from the peer. With a pre-shared key,
! restricting the responder to main mode is the safer setting.
crypto ike policy 102
initiate main
respond anymode
local-id address x.x.53.106
peer x.x.129.37
! Attribute 1 negotiates 3DES with MD5, both legacy algorithms. Prefer AES
! with a SHA-2 hash where both peers support them. No DH group or lifetime is
! set in this listing, so whatever the platform defaults to applies (TODO
! confirm on the device).
attribute 1
encryption 3des
hash md5
authentication pre-share
!
! The pre-shared key below is a trivial sample value that is published with
! this page. Replace it with a long random secret unique to this peer pair
! before any real use, and keep it out of shared or archived copies of the
! configuration.
! NOTE(review): the command is wrapped in this listing ("102" on the next
! line belongs to "ike-policy"), and the "crypto map VPN 30 no-mode-config
! no-xauth" line probably continues the same command; verify before pasting.
crypto ike remote-id address x.x.129.37 preshared-key 12345678 ike-policy
102
crypto map VPN 30 no-mode-config no-xauth
!
! Phase 2 protection: ESP with 3DES encryption and MD5-HMAC integrity, in
! tunnel mode. The same legacy-algorithm caveat as the IKE attribute applies.
crypto ipsec transform-set esp-3des-esp-md5-hmac esp-3des esp-md5-hmac
mode tunnel
!
! Crypto map entry 30 ties the pieces together: traffic matching
! VPN-30-vpn-selectors is tunnelled to x.x.129.37 using the transform set
! above and IKE policy 102. No PFS setting appears in this entry.
crypto map VPN 30 ipsec-ike
description AH to EG
match address VPN-30-vpn-selectors
set peer x.x.129.37
set transform-set esp-3des-esp-md5-hmac
ike-policy 102
!
!
! Interfaces: eth 0/1 is the outside (Internet-facing) port and vlan 1 is
! the inside LAN.
vlan 1
name "Default"
!
! Outside interface. It carries the public address, the Public policy class
! and crypto map VPN, so every rule in policy class Public is evaluated
! against traffic arriving from the Internet.
interface eth 0/1
description AH2054
ip address x.x.53.106 255.255.255.248
access-policy Public
crypto map VPN
no shutdown
!
! eth 0/2 to eth 0/5 are enabled with no other settings shown.
! NOTE(review): ports that are not in use are normally left shut down;
! confirm which of these are actually cabled.
interface eth 0/2
no shutdown
!
interface eth 0/3
no shutdown
!
interface eth 0/4
no shutdown
!
interface eth 0/5
no shutdown
!
!
! Inside interface: gateway address for the 192.168.11.0/24 LAN, governed by
! policy class Private.
interface vlan 1
description Inside
ip address 192.168.11.1 255.255.255.0
access-policy Private
no shutdown
!
!
!
!
!
! Access lists and the two firewall policy classes that use them
! (Private is bound to vlan 1, Public to eth 0/1).
!
! Source match for the NAT overload rule in policy class Private: any inside
! source is translated to the eth 0/1 address.
ip access-list standard wizard-ics
remark Internet Connection Sharing
permit any
!
!
! Matches all IP traffic, with logging. It is used by "allow list self self"
! in Private, so inside hosts may reach the unit itself on any protocol.
ip access-list extended self
remark Traffic to Netvanta
permit ip any any log
!
! VPN selectors: local LAN 192.168.11.0/24 to remote LAN 192.168.0.0/24.
! The peer needs the mirror image of this entry.
ip access-list extended VPN-30-vpn-selectors
permit ip 192.168.11.0 0.0.0.255 192.168.0.0 0.0.0.255
!
! Management access list. Every entry matches "any" source, and policy class
! Public applies it with "self", so HTTP, Telnet, HTTPS and ping to the unit
! are accepted from the whole Internet. HTTP and Telnet carry credentials in
! cleartext. For anything beyond a lab: limit the source to known management
! addresses (or manage only through the tunnel) and drop the www and telnet
! entries.
ip access-list extended web-acl-7
remark Admin Access
permit tcp any any eq www log
permit tcp any any eq telnet log
permit tcp any any eq https log
permit icmp any any echo log
!
! TCP 3389 (the "TS" remark suggests Terminal Services / RDP) from any source
! to the public address. Public forwards it to 192.168.11.2 by destination
! NAT, which exposes that host's remote-desktop login to the Internet.
! Restricting the source, or reaching the host over the VPN instead, removes
! that exposure.
ip access-list extended web-acl-9
remark TS
permit tcp any host x.x.53.106 eq 3389 log
!
! Inside policy: tunnel traffic is allowed un-NATed first, then traffic to
! the unit itself, then everything else is source-NATed out eth 0/1.
ip policy-class Private
allow list VPN-30-vpn-selectors
allow list self self
nat source list wizard-ics interface eth 0/1 overload
!
! Outside policy: return/remote-initiated tunnel traffic (selectors
! reversed), management access to the unit, and the 3389 port forward.
ip policy-class Public
allow reverse list VPN-30-vpn-selectors
allow list web-acl-7 self
nat destination list web-acl-9 address 192.168.11.2
!
!
!
! Default route, management services and login lines.
ip route 0.0.0.0 0.0.0.0 x.x.53.105
!
! Services: TFTP, SNMP and FTP are off; cleartext HTTP is on alongside HTTPS,
! and the SCP server is on. Because web-acl-7 admits www from any source on
! the outside, leaving "ip http server" enabled puts the cleartext admin GUI
! on the Internet; HTTPS alone is sufficient for the web interface.
no ip tftp server
ip http server
ip http secure-server
no ip snmp agent
no ip ftp agent
ip scp server
!
!
!
!
!
! Console and Telnet lines 0-4 authenticate against the local user list. The
! user entries themselves are not part of this listing. Telnet sends the
! login in cleartext and no SSH line appears here.
! NOTE(review): confirm SSH is available on this unit and prefer it to Telnet.
line con 0
login local-userlist
!
line telnet 0 4
login local-userlist
!
!
!
end
AH2054#