取消
显示结果 
搜索替代 
您的意思是: 
cancel
1477
查看次数
0
有帮助
2
评论
13nash
Collaborator
Collaborator
ASA 9.1版本配置接口
interface GigabitEthernet0/0
nameif inside
security-level 100
ipaddress 192.168.0.254 255.255.255.0
!
interface GigabitEthernet0/1
speed 100
duplex full
nameif outside
security-level 0
ipaddress y.y.y.181 255.255.255.128
Object
object network Zzz_172.16.0.0_16
subnet 172.16.0.0 255.255.0.0
object network Zzz_172.29.0.0_16
subnet172.29.0.0 255.255.0.0
object network Inside-Network-vpn
subnet 192.168.0.0 255.255.255.0
Nat
nat (inside,outside) source staticInside-Network-vpn Inside-Network-vpn destination static Zzz_172.29.0.0_16 Zzz_172.29.0.0_16no-proxy-arp route-lookup
nat (inside,outside) source staticInside-Network-vpn Inside-Network-vpn destination static Zzz_172.16.0.0_16 Zzz_172.16.0.0_16no-proxy-arp route-lookup
感兴趣流
access-list 100 extended permit ip192.168.0.0 255.255.255.0 172.16.0.0 255.255.0.0
access-list 100 extended permit ip192.168.0.0 255.255.255.0 172.29.0.0 255.255.0.0
Ike阶段1
crypto ikev1 enable outside
crypto ikev1 policy 10
authentication pre-share
encryption des
hashmd5
group 2
lifetime 86400
Ike阶段2
crypto ipsec ikev1 transform-set QTOC esp-desesp-md5-hmac
crypto map my_map 5 match address 100
crypto map my_map 5 set peer x.x.x.9
crypto map my_map 5 set ikev1 transform-setQTOC
组策略
group-policy GroupPolicy_x.x.x.9 internal
group-policy GroupPolicy_x.x.x.9 attributes
vpn-tunnel-protocol ikev1
split-tunnel-policy tunnelspecified
split-tunnel-network-list value 100
split-tunnel-all-dns disable
隧道组
tunnel-group x.x.x.9 type ipsec-l2l
tunnel-group x.x.x.9 general-attributes
default-group-policy GroupPolicy_x.x.x.9
tunnel-group x.x.x.9 ipsec-attributes
ikev1 pre-shared-key **
评论
one-time
Expert
Expert
感谢13nash 对常用配置的分享~~第一个分享家:handshake
suzhouxiaoniu
Advocate
Advocate
支持分享...
入门指南

使用上面的搜索栏输入关键字、短语或问题,搜索问题的答案。

我们希望您在这里的旅程尽可能顺利,因此这里有一些链接可以帮助您快速熟悉思科社区:





认可您的同行
快捷链接