=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2019.02.21 10:05:04 =~=~=~=~=~=~=~=~=~=~=~=
sh
*Feb 21 10:05:05.127: %CRYPTO-4-RECVD_PKT_INV_SPI: decaps: rec'd IPSEC packet has invalid spi for destaddr=110.110.110.1, prot=50, spi=0x93165353(2467713875), srcaddr=120.120.120.1, input interface=FastEthernet0/0
Cbtme-Hub#Ctm-u#sh run
           ^
% Invalid input detected at '^' marker.

Cbtme-Hub#sh run
Building configuration...

Current configuration : 10257 bytes
!
! Last configuration change at 09:43:11 UTC Thu Feb 21 2019
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
!
hostname Cbtme-Hub
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
no ip icmp rate-limit unreachable
ip cef
!
!
!
!
!
!
no ip domain lookup
ip domain name crypto.local
no ipv6 cef
!
!
multilink bundle-name authenticated
!
crypto pki trustpoint my-ca
 enrollment terminal
 serial-number none
 fqdn cbtme-hub.crypto.local
 ip-address none
 subject-name cn=cbtme-hub.crypto.local
 revocation-check none
!
!
!
crypto pki certificate map CERT-MAP 10
 subject-name co crypto.local
!
crypto pki certificate map CERT-MAP1 11
 subject-name co crypto.local
!
crypto pki certificate chain my-ca
 certificate 3C000000447730BC65EC0D10C6000000000044
  30820583 3082046B A0030201 0202133C 00000044 7730BC65 EC0D10C6 00000000 
  0044300D 06092A86 4886F70D 01010B05 00304B31 15301306 0A099226 8993F22C 
  64011916 056C6F63 616C3116 3014060A 09922689 93F22C64 01191606 63727970 
  746F311A 30180603 55040313 11637279 70746F2D 53554243 412D4341 2D31301E 
  170D3139 30323231 30313131 34345A17 0D323031 31323930 39313833 305A3021 
  311F301D 06035504 03131663 62746D65 2D687562 2E637279 70746F2E 6C6F6361 
  6C308201 22300D06 092A8648 86F70D01 01010500 0382010F 00308201 0A028201 
  0100CCB4 CD4686C9 64BF82D3 D43F09D9 13CA4EE6 A119D003 91333E6F 9F227516 
  636817EC 818787B2 AFDF1DC4 8758F227 06073797 0F0053AD F0857EB3 99A1F434 
  FCC8290F 111A7CD3 68480BE1 5643522E BC28D137 9B70C99C 1648EF92 208D4876 
  1428598B BDAC373C 4A9435E7 59304E52 7B1BA07A A6267129 364B2ED4 D5D4E9AF 
  5BCE236A 3FE2F32D C3CE5D99 7FEB3643 B08C301C 82F71333 950A76ED 9F1749E7 
  7531734B 3C252BE9 6D191148 0D947BBD 282D199C 9ECC9DC4 1DC11D76 0AD70432 
  D3B2EC71 B61AFBEB 81700DB0 9CC92FF4 499376B2 DFD8687F 5B6E6D8D 526E98EE 
  0F0FDC53 3120C2E3 672DA207 C70E6B68 FCE09C79 02394335 5259B259 127573F2 
  063B0203 010001A3 82028830 82028430 0E060355 1D0F0101 FF040403 0205A030 
  1D060355 1D0E0416 0414D5F4 250CB031 74A99CA0 0B39E4A9 0BD548CF 0E82301F 
  0603551D 23041830 1680145A 5B753B27 2969744B F221001B 7A52CDC9 58765E30 
  81CE0603 551D1F04 81C63081 C33081C0 A081BDA0 81BA8681 B76C6461 703A2F2F 
  2F434E3D 63727970 746F2D53 55424341 2D43412D 312C434E 3D537562 43412C43 
  4E3D4344 502C434E 3D507562 6C696325 32304B65 79253230 53657276 69636573 
  2C434E3D 53657276 69636573 2C434E3D 436F6E66 69677572 6174696F 6E2C4443 
  3D637279 70746F2C 44433D6C 6F63616C 3F636572 74696669 63617465 5265766F 
  63617469 6F6E4C69 73743F62 6173653F 6F626A65 6374436C 6173733D 63524C44 
  69737472 69627574 696F6E50 6F696E74 3081C406 082B0601 05050701 010481B7 
  3081B430 81B10608 2B060105 05073002 8681A46C 6461703A 2F2F2F43 4E3D6372 
  7970746F 2D535542 43412D43 412D312C 434E3D41 49412C43 4E3D5075 626C6963 
  2532304B 65792532 30536572 76696365 732C434E 3D536572 76696365 732C434E 
  3D436F6E 66696775 72617469 6F6E2C44 433D6372 7970746F 2C44433D 6C6F6361 
  6C3F6341 43657274 69666963 6174653F 62617365 3F6F626A 65637443 6C617373 
  3D636572 74696669 63617469 6F6E4175 74686F72 69747930 3C06092B 06010401 
  82371507 042F302D 06252B06 01040182 371508C6 9D6A81EB 9E5184C5 8F3C82F7 
  E70482F1 DE7B813C 87FB9D35 F9F72102 01640201 04302706 03551D25 0420301E 
  06082B06 01050507 03060608 2B060105 05080202 06082B06 01050507 03023033 
  06092B06 01040182 37150A04 26302430 0A06082B 06010505 07030630 0A06082B 
  06010505 08020230 0A06082B 06010505 07030230 0D06092A 864886F7 0D01010B 
  05000382 01010060 FE7E2E75 229A4FAE 589415D9 D347402C 3A74E0A9 AF4A76BE 
  628088E1 26FEB0AC B283355A BE26675A 4E3065C0 A5DD88AD 7D611792 8EE2D7D7 
  2586B50C B9ABC8A7 3EC50946 739B1F19 60B18E4A F378B18B D1EEC8FF DFD11152 
  DBA2D3BB 05F7E592 10FBEA5D 54D989B9 12C14DF1 E64DC219 79B4A16B 01BE16D0 
  BEA4747D E161F236 CE30341A B0CADBD8 F430AC13 D6401266 860F46AD 807BBE3E 
  1915A35B E0942AA4 6785DD28 1973A67B 58872892 CF9ED6FD 3836D97F 9807D8F2 
  CD4993EB A11E66C6 136F6A23 EFE40D4C 73931DE5 7FA83ACE 875575C0 83A05745 
  28C1E673 6DF54D62 21CE1073 2F1C4728 C5D3D1CA 19A2CB31 AB39787D 70B6486D 
  B75D6EE6 14B744
  	quit
 certificate ca 540000000278F61229E46F3DDB000000000002
  3082054D 30820435 A0030201 02021354 00000002 78F61229 E46F3DDB 00000000 
  0002300D 06092A86 4886F70D 01010B05 00304A31 15301306 0A099226 8993F22C 
  64011916 056C6F63 616C3116 3014060A 09922689 93F22C64 01191606 63727970 
  746F3119 30170603 55040313 10637279 70746F2D 524F4F54 43412D43 41301E17 
  0D313831 31323930 39303833 305A170D 32303131 32393039 31383330 5A304B31 
  15301306 0A099226 8993F22C 64011916 056C6F63 616C3116 3014060A 09922689 
  93F22C64 01191606 63727970 746F311A 30180603 55040313 11637279 70746F2D 
  53554243 412D4341 2D313082 0122300D 06092A86 4886F70D 01010105 00038201 
  0F003082 010A0282 010100BA 351C4BF6 9CCACBCF D34D9D1D A66D6ACD 97F50EFD 
  E5D04A86 665AFAF6 F8A38E41 4C9094B2 56983D88 0271E33E D88B5C2C 1BE1F3C5 
  0B071B2F 495C65DA 16F35FED 797B0083 6EFE0AFA 792C2FF8 ED68A7A3 FC023786 
  FC8E07E5 FBBF2F6D 6CA4DA10 B011967A 50721DB1 55417D3F 6D4D6EA6 3A6C5669 
  2C971388 02995D2F 90C58C42 0D693F64 47FA2182 50F3D37C 0C14A968 A6498963 
  FFCC24D9 AE68DF55 8404F5C7 4A628962 E46DA5BE 1610352A E0869FE1 3A426CD5 
  49C0EB70 90244D34 4834B7E4 45F803E0 ADB4291D CB033DF7 D50147E2 4C468624 
  6614E623 8A869EB6 9D5320FE BE8A0DDC 58F91AE9 37D397A7 8A7AA8BB 8B0BFC8A 
  61655720 B96B0464 8A4FA702 03010001 A3820229 30820225 30100609 2B060104 
  01823715 01040302 0100301D 0603551D 0E041604 145A5B75 3B272969 744BF221 
  001B7A52 CDC95876 5E301906 092B0601 04018237 1402040C 1E0A0053 00750062 
  00430041 300E0603 551D0F01 01FF0404 03020186 300F0603 551D1301 01FF0405 
  30030101 FF301F06 03551D23 04183016 8014EAE7 98FDF125 A1E58467 80EFFFC7 
  83928290 3CED3081 CE060355 1D1F0481 C63081C3 3081C0A0 81BDA081 BA8681B7 
  6C646170 3A2F2F2F 434E3D63 72797074 6F2D524F 4F544341 2D43412C 434E3D52 
  6F6F7443 412C434E 3D434450 2C434E3D 5075626C 69632532 304B6579 25323053 
  65727669 6365732C 434E3D53 65727669 6365732C 434E3D43 6F6E6669 67757261 
  74696F6E 2C44433D 63727970 746F2C44 433D6C6F 63616C3F 63657274 69666963 
  61746552 65766F63 6174696F 6E4C6973 743F6261 73653F6F 626A6563 74436C61 
  73733D63 524C4469 73747269 62757469 6F6E506F 696E7430 81C30608 2B060105 
  05070101 0481B630 81B33081 B006082B 06010505 07300286 81A36C64 61703A2F 
  2F2F434E 3D637279 70746F2D 524F4F54 43412D43 412C434E 3D414941 2C434E3D 
  5075626C 69632532 304B6579 25323053 65727669 6365732C 434E3D53 65727669 
  6365732C 434E3D43 6F6E6669 67757261 74696F6E 2C44433D 63727970 746F2C44 
  433D6C6F 63616C3F 63414365 72746966 69636174 653F6261 73653F6F 626A6563 
  74436C61 73733D63 65727469 66696361 74696F6E 41757468 6F726974 79300D06 
  092A8648 86F70D01 010B0500 03820101 0035B7D1 A2D72FB8 6A87DA5E EF20D5FE 
  200B5502 298D2792 C0D21AD3 003A57DE C52FD774 9E24D28C AB7E9B06 114B1789 
  8668CF66 7ECDDC0B 3C62E120 EDD70912 77612379 104187A8 561C9410 06EBC267 
  22D5D4D3 C8F38806 6C10F16E 3F4F9370 FCFB7E1A 544C6382 C6D3FCFE 43EE4144 
  A137BF03 177C56D6 C22948E2 75062245 1A47A6B8 CDC04EA8 2A870010 F532EB9B 
  45FDE964 0AD5D8AE A4555293 314BB317 9ACC3361 46D0DF36 FA6EF533 F32FE149 
  75E08FEE 9372F000 87D0C012 3297696D 0E08A9E7 D93F4ED1 141C0D85 6A016720 
  3D0B82B0 757A25D9 60FCD394 8E6437F4 49175569 BD73A215 BAA1DFA5 DFD2A8C7 
  F79277D7 63755C50 B7BD3437 AFBB7BB1 14
  	quit
!
!
!
!
!
!
!
ip tcp synwait-time 5
! 
!
crypto ikev2 proposal DMVPN-proposal 
 encryption aes-cbc-256
 integrity sha256
 group 14
crypto ikev2 proposal DMVPN-proposal1 
 encryption aes-cbc-256
 integrity sha256
 group 14
!
crypto ikev2 policy DMVPN-POLICY 
 proposal DMVPN-proposal
crypto ikev2 policy DMVPN-POLICY1 
 proposal DMVPN-proposal
!
!
crypto ikev2 profile DMVPN-PROF
 match certificate CERT-MAP
 authentication remote rsa-sig
 authentication local rsa-sig
 pki trustpoint my-ca
!
crypto ikev2 profile DMVPN-PROF1
 match certificate CERT-MAP1
 identity local dn 
 authentication remote rsa-sig
 authentication local rsa-sig
 pki trustpoint my-ca
!
!
!
crypto ipsec transform-set DMVPN-TS esp-aes 256 esp-sha256-hmac 
 mode transport
!
crypto ipsec profile DMVPN-IPSEC
 set transform-set DMVPN-TS 
 set ikev2-profile DMVPN-PROF
!
crypto ipsec profile DMVPN-IPSEC1
 set transform-set DMVPN-TS 
 set ikev2-profile DMVPN-PROF1
!
!
!
!
!
!
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.0
!
interface Loopback1
 ip address 11.11.11.11 255.255.255.0
!
interface Tunnel0
 ip address 192.168.200.1 255.255.255.0
 no ip redirects
 no ip split-horizon eigrp 10
 ip nhrp map multicast dynamic
 ip nhrp network-id 200
 delay 1000
 tunnel source FastEthernet2/0
 tunnel mode gre multipoint
 tunnel key 2
 tunnel protection ipsec profile DMVPN-IPSEC1
!
interface Tunnel1
 ip address 192.168.100.1 255.255.255.0
 no ip redirects
 ip mtu 1400
 no ip split-horizon eigrp 10
 ip nhrp map multicast dynamic
 ip nhrp network-id 111
 ip nhrp redirect
 ip tcp adjust-mss 1360
 delay 1500
 tunnel source FastEthernet0/0
 tunnel mode gre multipoint
 tunnel key 1
 tunnel protection ipsec profile DMVPN-IPSEC1
!
interface FastEthernet0/0
 ip address 110.110.110.1 255.255.255.0
 duplex full
!
interface FastEthernet1/0
 no ip address
 shutdown
 speed auto
 duplex auto
!
interface FastEthernet1/1
 no ip address
 shutdown
 speed auto
 duplex auto
!
interface FastEthernet2/0
 ip address 150.150.150.1 255.255.255.0
 speed auto
 duplex auto
!
interface FastEthernet2/1
 no ip address
 shutdown
 speed auto
 duplex auto
!
!
router eigrp 10
 network 1.1.1.0 0.0.0.255
 network 11.11.11.0 0.0.0.255
 network 192.168.100.1 0.0.0.0
 network 192.168.200.1 0.0.0.0
!
router bgp 101
 bgp log-neighbor-changes
 neighbor 110.110.110.2 remote-as 100
 neighbor 110.110.110.2 route-map failoverlink in
 neighbor 110.110.110.2 route-map PREPEND out
 neighbor 150.150.150.2 remote-as 100
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
route-map failoverlink permit 10
 set local-preference 80
!
route-map PREPEND permit 10
 set as-path prepend 101 101
!
!
!
control-plane
!
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 stopbits 1
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 stopbits 1
line vty 0 4
 login
!
!
end

Cbtme-Hub#