快上网专注成都网站设计 成都网站制作 成都网站建设
成都网站建设公司服务热线:028-86922220

网站建设知识

十年网站开发经验 + 多家企业客户 + 靠谱的建站团队

量身定制 + 运营维护+专业推广+无忧售后,网站问题一站解决

Netscreen与Cisco跑OSPF

拓扑:

成都创新互联公司专注于广阳企业网站建设,响应式网站,商城网站制作。广阳网站建设公司,为广阳等地区提供建站服务。全流程按需定制制作,专业设计,全程项目跟踪,成都创新互联公司专业和态度为您提供的服务

Netscreen与Cisco跑OSPF

ISP Configuration:

int e0/0

ip add 200.1.1.1 255.255.255.0

no sh

int e0/1

ip add 200.1.2.1 255.255.255.0

no sh

Netscreen Cconfiguration:

set zone name y1
set interface "loopback.1" zone "Home"
set interface "loopback.2" zone "Home"
set interface "loopback.3" zone "Home"
set interface ethernet3 ip 200.1.1.2/24
set interface loopback.1 ip 192.168.1.1/24
set interface loopback.2 ip 192.168.2.1/24
set interface loopback.3 ip 192.168.3.1/24
set int tun.1 zone y1
set interface tunnel.1 ip 192.168.100.1/24
set interface ethernet3 ip manageable
set interface loopback.1 ip manageable
set interface loopback.2 ip manageable
set interface loopback.3 ip manageable
set address "Home" "192.168.1.0" 192.168.1.0 255.255.255.0
set address "Home" "192.168.2.0" 192.168.2.0 255.255.255.0
set address "Home" "192.168.3.0" 192.168.3.0 255.255.255.0
set address "y1" "192.168.4.0" 192.168.4.0 255.255.255.0
set address "y1" "192.168.5.0" 192.168.5.0 255.255.255.0
set address "y1" "192.168.6.0" 192.168.6.0 255.255.255.0
set group address "Home" "zongbu"
set group address "Home" "zongbu" add "192.168.1.0"
set group address "Home" "zongbu" add "192.168.2.0"
set group address "Home" "zongbu" add "192.168.3.0"
set group address "y1" "y1-add"
set group address "y1" "y1-add" add "192.168.4.0"
set group address "y1" "y1-add" add "192.168.5.0"
set group address "y1" "y1-add" add "192.168.6.0"
set ike gateway "to-y1" address 200.1.2.2 Main outgoing-interface "ethernet3" preshare "y4KsQRlYNP35xEsFuFCZCauPCCn/qc9NEA==" proposal "pre-g2-3des-md5"
set *** "y1" gateway "to-y1" no-replay tunnel idletime 0 proposal "g2-esp-3des-md5"
set *** "y1" id 0x2 bind interface tunnel.1
set policy id 6 from "Home" to "y1" "zongbu" "y1-add" "ANY" permit
set policy id 5 from "y1" to "Home" "y1-add" "zongbu" "ANY" permit
set router-id 1.1.1.1
set route 0.0.0.0/0 gateway 200.1.1.1
set interface loopback.1 protocol ospf area 0.0.0.0
set interface loopback.1 protocol ospf enable
set interface loopback.2 protocol ospf area 0.0.0.0
set interface loopback.2 protocol ospf enable
set interface loopback.3 protocol ospf area 0.0.0.0
set interface loopback.3 protocol ospf enable
set interface tunnel.1 protocol ospf area 0.0.0.0
set interface tunnel.1 protocol ospf enable

CISCO configuration:
crypto isakmp policy 10
encr 3des
hash md5
authentication pre-share
group 2
crypto isakmp key cisco address 200.1.1.2
!
!
crypto ipsec transform-set cisco esp-3des esp-md5-hmac
!
crypto ipsec profile ipsecprof
set transform-set cisco
!
interface Loopback0
ip address 192.168.4.1 255.255.255.0
ip ospf 110 area 0
!
interface Loopback1
ip address 192.168.5.1 255.255.255.0
ip ospf 110 area 0
!
interface Loopback2
ip address 192.168.6.1 255.255.255.0
ip ospf 110 area 0
!
interface Tunnel0
ip address 192.168.100.2 255.255.255.0
ip ospf 110 area 0
tunnel source 200.1.2.2
tunnel destination 200.1.1.2
tunnel mode ipsec ipv4
tunnel protection ipsec profile ipsecprof
!
interface Ethernet0/0
ip address 200.1.2.2 255.255.255.0
router ospf 110
log-adjacency-changes
ip route 0.0.0.0 0.0.0.0 200.1.2.1

Netscreen与Cisco跑OSPF

Netscreen与Cisco跑OSPF


分享名称:Netscreen与Cisco跑OSPF
转载源于:http://6mz.cn/article/jcdsio.html

其他资讯