ASA-to-ASA ipsec lan-to-lan ***

 

ASA-to-ASA ipsec lan-to-lan ***

 
左边:
access-list 140 extended permit ip 10.1.1.0 255.255.255.0 192.168.1.0 255.255.255.0
access-list nonat extended permit ip 10.1.1.0 255.255.255.0 192.168.1.0 255.255.255.0
crypto ipsec transform-set myset esp-des esp-md5-hmac
crypto map outside_map 20 match address 140
crypto map outside_map 20 set peer 23.1.1.3
crypto map outside_map 20 set transform-set myset
crypto isakmp policy 10
 authentication pre-share
 encryption des
 hash md5
 group 2
 lifetime 86400
 exit
tunnel-group 23.1.1.3 type ipsec-l2l
tunnel-group 23.1.1.3 ipsec-attributes
pre-shared-key cisco
nat (inside) 0 access-list nonat
crypto map outside_map interface outside
Crypto isakmp enable outside
 
右边:
access-list 140 extended permit ip 192.168.1.0 255.255.255.0 10.1.1.0 255.255.255.0
access-list nonat extended permit ip 192.168.1.0 255.255.255.0 10.1.1.0 255.255.255.0
crypto ipsec transform-set myset esp-des esp-md5-hmac
crypto map outside_map 20 match address 140
crypto map outside_map 20 set peer 12.1.1.1
crypto map outside_map 20 set transform-set myset
crypto isakmp policy 10
 authentication pre-share
 encryption des
 hash md5
 group 2
 lifetime 86400
 exit
tunnel-group 12.1.1.1 type ipsec-l2l
tunnel-group 12.1.1.1 ipsec-attributes
pre-shared-key cisco
nat (inside) 0 access-list nonat
crypto map outside_map interface outside
Crypto isakmp enable outside

转载于:https://blog.51cto.com/439017543/963178

相关文章:

猜你喜欢
相关资源
相似解决方案
热门标签
Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode