根据如图组网和下列配置可以判断这是一个()技术的应用RTA:
[RTA]ike proposal 1
[RTA-ike-proposal-1]quit
[RTA]ike keychain keychain1
[RTA-ike-keychain-keychain1]pre-shared-key address 100.1.1.2 key simple h3c
[RTA-ike-keychain-keychain1]quit
[RTA]ike profile profile1
[RTA-ike-profile-profile1 ]keychain keychain1
[RTA-ike-profile-profile1]local-identity address 100.1.1.1
[RTA-ike-profile-profile1]match remote identity address 100.1.1.2
[RTA-ike-profile-profilel]proposal 1
[RTA-ike-profile-profile1]quit
[RTA]acl advanced 3000
[RTA-acl-ipv4-adv-3000] rule 5 permit ip source 10.1.1.0 0.0.0.255 destination 10.3.1.0 0.0.0.255
[RTA-acl-ipv4-adv-3000]quit
[RTA]ipsec transform-set tran1
[RTA-ipsec-transform-set-tranl]esp encryption-algorithm 3des-cbc
[RTA-ipsec-transform-set-tranl]esp authentication-algorithm md5
[RTA-ipsec-transform-set-tran1]quit
[RTA]ipsec policy policy1 1 isakmp
[RTA-ipsec-policy-isakmp-policy1-1]transform-set tranl
[RTA-ipsec-policy-isakmp-policy1-1]security acl 3000
[RTA-ipsec-policy-isakmp-policy1-1]remote-address 100.1.1.2
[RTA-ipsec-policy-isakmp-policy1-1]ike-profile profilel
[RTA-ipsec-policy-isakmp-policy1-1]quit
[RTA]interface GigabitEthernet 0/0
[RTA-GigabitEthernet0/0]ip address 10.1.1.2 255.255.255.0
[RTA-GigabitEthernet0/0]quit
[RTA]interface LoopBack 0
[RTA-LoopBack0]ip address 1.1.1.1 255.255.255.255
[RTA-LoopBack0]quit
[RTA]interface Serial 1/0
[RTA-Serial1/0]ip address 10.2.1.1 255.255.255.0
[RTA-Serial1/0]quit
[RTA]interface Tunnel1 mode gre
[RTA-Tunnel1]ip address 100.1.1.1 255.255.255.0
[RTA-Tunnel1]source 1.1.1.1
[RTA-Tunnel1]destination 2.2.2.2
[RTA-Tunnel1]ipsec apply policy policy1
[RTA-Tunnel1]quit
[RTA]ip route-static 2.2.2.2 255.255.255.255 10.2.1.2
[RTA]ip route-static 10.3.1.0 255.255.255.0 Tunnel 1
RTB:
[RTB]ike proposal 1
[RTB-ike-proposal-1]quit
[RTB]ike keychain keychain1
[RTB-ike-keychain-keychainl]pre-shared-key address 100.1.1.1 key simple h3c
[RTB-ike-keychain-keychain1]quit
[RTB]ike profile profilel
[RTB-ike-profile-profle1] keychain keychain1
[RTB-ike-profile-profile1]local-identity address 100.1.1.2
[RTB-ike-profile-profle1]match remote identity address 100.1.1.1
[RTB-ike-profile-profile1]proposal 1
[RTB-ike-profile-profile1]quit
[RTB]acl advanced 3000
[RTB-acl-ipv4-adv-3000] rule 0 permit ip source 10.3.1.0 0.0.0.255 destination 10.1.1.0 0.0.0.255
[RTB-acl-ipv4-adv-3000]quit
[RTB]ipsec transform-set tran1
[RTB-ipsec-transform-set-tranl]esp encryption-algorithm 3 des-cbc
[RTB-ipsec-transform-set-tranl]esp authentication-algorithm md5
[RTB-ipsec-transform-set-tran1]quit
[RTB]ipsec policy policy1 1 isakmp
[RTB-ipsec-policy-isakmp-policy1-1]transform-set tran1
[RTB-ipsec-policy-isakmp-policy1-1]security acl 3000
[RTB-ipsec-policy-isakmp-policy1-1]remote-address 100.1.1.1
[RTB-ipsec-policy-isakmp-policy1-1]ike-profile profilel
[RTB-ipsec-policy-isakmp-policy1-1]quit
[RTB]interface GigabitEthernet 0/0
[RTB-GigabitEthernet0/0lip address 10.3.1.1 255.255.255.0
[RTB-GigabitEthernet0/0]quit
[RTB]interface LoopBack 0
[RTB-LoopBack0]ip address 2.2.2.2 255.255.255.255
[RTB-LoopBack0]quit
[RTB]interface Serial 1/0
[RTB-Serial1/0]ip address 10.2.1.2 255.255.255.0
[RTB-Serial1/0]quit
[RTB]interface Tunnel1 mode gre
[RTB-Tunnel1]ip address 100.1.1.2 255.255.255.0
[RTB-Tunnel1]source 2.2.2.2
[RTB-Tunnel1]destination 1.1.1.1
[RTB-Tunnel1]ipsec apply policy policy1
[RTB-Tunnel1]quit
[RTB]ip route-stati 1.1.1.1 255.255.255.255 10.2.1.1
[RTB]ip route-static 10.1.1.0 255.255.255.0 Tunnel 1(含图)
收藏
