Filter
Top Products
Configuration Guide Page 33 of 55
9.1 VPN IPSEC site-to-site tunnel certification PKI
XSR-1805_1#show running-config
!!
! Version 4.0.0.0, Built Mar 26 2003, 19:47:17
!
hostname XSR-1805_1
!
crypto isakmp proposal prop-map1
authentication rsa-sig
group 5
lifetime 10800
!
access-list 101 permit ip 10.10.10.0 0.0.0.255 any
!
crypto isakmp peer 20.20.20.1 255.255.255.255
proposal prop-map1
config-mode gateway
!
crypto ipsec transform-set VPN-3des esp-3des esp-sha-hmac
set pfs group2
set security-association lifetime kilobytes 1000000
set security-association lifetime seconds 3601
!
crypto map c-map1 75
set transform-set VPN-3des
match address 101
set peer 20.20.20.1
mode tunnel
!
interface FastEthernet1
description "LAN-Interface1"
ip address 80.80.80.1 255.255.255.0
no shutdown
!
interface FastEthernet2
description "LAN-Interface2"
crypto map c-map1
ip address 20.20.20.2 255.255.255.0
no shutdown
!
ip route 10.10.10.0 255.255.255.0 20.20.20.1
ip route 0.0.0.0 0.0.0.0 80.80.80.254
!
ip host labor-enterasys 192.168.224.22
ip host Enterasys-Networks-CA 192.168.224.22
!
end
XSR-1805_1#