Saturday, February 28, 2009

Cisco 7.x VPN Example

Object-group network local_enc
network-object host 192.168.191.18
network-object host 192.168.191.19
network-object 192.168.166.128 255.255.255.128
network-object 192.168.187.8 255.255.255.248
network-object 192.168.187.16 255.255.255.248
exit

Object-group network remote_enc
network-object host 10.43.0.123
network-object host 10.112.0.8
network-object host 10.34.0.8
exit

tunnel-group 192.168.5.1 type ipsec-l2l
tunnel-group 192.168.5.1 ipsec-attributes
pre-shared-key abc123
exit


access-list VPN-192.168.5.1 permit ip object-group local_enc object-group remote_enc

crypto map vpn_map 3144 match address VPN-192.168.5.1
crypto map vpn_map 3144 set peer 192.168.5.1
crypto map vpn_map 3144 set transform-set aes_sha1
crypto map vpn_map 3144 set security-association lifetime seconds 3600

Posted by Jerome at 1:34 PM
Labels: , ,

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)