資源描述:
《ipsecvpn配置實例》由會員上傳分享����,免費在線閱讀,更多相關(guān)內(nèi)容在行業(yè)資料-天天文庫��。
1���、實驗?zāi)康氖褂煤唵蔚呐渲猛瓿蒊PsecVPN的實現(xiàn)�����。實驗拓撲配置要點?R1:cryptoisakmppolicy10?hashmd5?authenticationpre-sharecryptoisakmpkeyciscoaddress23.1.1.3255.255.255.0cryptoipsectransform-setccieesp-desesp-md5-hmaccryptomapVPN10ipsec-isakmp?setpeer23.1.1.3?settransform-setccie?matchaddress100interfaceSerial1/1?ipad
2����、dress12.1.1.1255.255.255.0?serialrestart-delay0?cryptomapVPNR3:cryptoisakmppolicy10?hashmd5?authenticationpre-sharecryptoisakmpkeyciscoaddress12.1.1.1255.255.255.0cryptoipsectransform-setciscoesp-desesp-md5-hmaccryptomapVPN10ipsec-isakmp?setpeer12.1.1.1?settransform-setcisco?matchaddre
3、ss100interfaceSerial1/0?ipaddress23.1.1.3255.255.255.0?serialrestart-delay0?cryptomapVPN實驗驗證R3上開啟debug���,查看交互信息:R1#ping3.3.3.3source1.1.1.1Typeescapesequencetoabort.Sending5,100-byteICMPEchosto3.3.3.3,timeoutis2seconds:Packetsentwithasourceaddressof1.1.1.1.!!!!Successrateis80percent(4/5)
4�����、,round-tripmin/avg/max=16/57/164msR3#*Jul2720:03:31.910:ISAKMP(0:0):receivedpacketfrom12.1.1.1dport500sport500Global(N)NEWSA*Jul2720:03:31.914:ISAKMP:Createdapeerstructfor12.1.1.1,peerport500*Jul2720:03:31.914:ISAKMP:Newpeercreatedpeer=0x65B5BB30peer_handle=0x80000005*Jul2720:03:31.918
5�、:ISAKMP:Lockingpeerstruct0x65B5BB30,refcount1forcrypto_isakmp_process_block*Jul2720:03:31.922:ISAKMP:localport500,remoteport500*Jul2720:03:31.926:insertsasuccessfullysa=65B77620*Jul2720:03:31.930:ISAKMP:(0):Input=IKE_MESG_FROM_PEER,IKE_MM_EXCH*Jul2720:03:31.930:ISAKMP:(0):OldState=IKE_
6�����、READY?NewState=IKE_R_MM1IKE第一階段�����,第一個包交換*Jul2720:03:31.946:ISAKMP:(0):processingSApayload.messageID=0*Jul2720:03:31.950:ISAKMP:(0):processingvendoridpayload*Jul2720:03:31.950:ISAKMP:(0):vendorIDseemsUnity/DPDbutmajor245mismatch*Jul2720:03:31.962:ISAKMP:(0):foundpeerpre-sharedkeymatching1
7�、2.1.1.1*Jul2720:03:31.962:ISAKMP:(0):localpresharedkeyfound*Jul2720:03:31.962:ISAKMP:Scanningprofilesforxauth...*Jul2720:03:31.962:ISAKMP:(0):CheckingISAKMPtransform1againstpriority10policy*Jul2720:03:31.966:ISAKMP:?????encryptionDES-CBC*Jul2720:03:31.966:ISAKMP:?????hashMD5*Jul2720:
