Netscreen与Cisco跑OSPF-成都快上网建站

Netscreen与Cisco跑OSPF

拓扑:

成都创新互联公司专注于广阳企业网站建设,响应式网站,商城网站制作。广阳网站建设公司,为广阳等地区提供建站服务。全流程按需定制制作,专业设计,全程项目跟踪,成都创新互联公司专业和态度为您提供的服务

Netscreen与Cisco跑OSPF

ISP Configuration:

int e0/0

ip add 200.1.1.1 255.255.255.0

no sh

int e0/1

ip add 200.1.2.1 255.255.255.0

no sh

Netscreen Cconfiguration:

set zone name y1
set interface "loopback.1" zone "Home"
set interface "loopback.2" zone "Home"
set interface "loopback.3" zone "Home"
set interface ethernet3 ip 200.1.1.2/24
set interface loopback.1 ip 192.168.1.1/24
set interface loopback.2 ip 192.168.2.1/24
set interface loopback.3 ip 192.168.3.1/24
set int tun.1 zone y1
set interface tunnel.1 ip 192.168.100.1/24
set interface ethernet3 ip manageable
set interface loopback.1 ip manageable
set interface loopback.2 ip manageable
set interface loopback.3 ip manageable
set address "Home" "192.168.1.0" 192.168.1.0 255.255.255.0
set address "Home" "192.168.2.0" 192.168.2.0 255.255.255.0
set address "Home" "192.168.3.0" 192.168.3.0 255.255.255.0
set address "y1" "192.168.4.0" 192.168.4.0 255.255.255.0
set address "y1" "192.168.5.0" 192.168.5.0 255.255.255.0
set address "y1" "192.168.6.0" 192.168.6.0 255.255.255.0
set group address "Home" "zongbu"
set group address "Home" "zongbu" add "192.168.1.0"
set group address "Home" "zongbu" add "192.168.2.0"
set group address "Home" "zongbu" add "192.168.3.0"
set group address "y1" "y1-add"
set group address "y1" "y1-add" add "192.168.4.0"
set group address "y1" "y1-add" add "192.168.5.0"
set group address "y1" "y1-add" add "192.168.6.0"
set ike gateway "to-y1" address 200.1.2.2 Main outgoing-interface "ethernet3" preshare "y4KsQRlYNP35xEsFuFCZCauPCCn/qc9NEA==" proposal "pre-g2-3des-md5"
set *** "y1" gateway "to-y1" no-replay tunnel idletime 0 proposal "g2-esp-3des-md5"
set *** "y1" id 0x2 bind interface tunnel.1
set policy id 6 from "Home" to "y1" "zongbu" "y1-add" "ANY" permit
set policy id 5 from "y1" to "Home" "y1-add" "zongbu" "ANY" permit
set router-id 1.1.1.1
set route 0.0.0.0/0 gateway 200.1.1.1
set interface loopback.1 protocol ospf area 0.0.0.0
set interface loopback.1 protocol ospf enable
set interface loopback.2 protocol ospf area 0.0.0.0
set interface loopback.2 protocol ospf enable
set interface loopback.3 protocol ospf area 0.0.0.0
set interface loopback.3 protocol ospf enable
set interface tunnel.1 protocol ospf area 0.0.0.0
set interface tunnel.1 protocol ospf enable

CISCO configuration:
crypto isakmp policy 10
encr 3des
hash md5
authentication pre-share
group 2
crypto isakmp key cisco address 200.1.1.2
!
!
crypto ipsec transform-set cisco esp-3des esp-md5-hmac
!
crypto ipsec profile ipsecprof
set transform-set cisco
!
interface Loopback0
ip address 192.168.4.1 255.255.255.0
ip ospf 110 area 0
!
interface Loopback1
ip address 192.168.5.1 255.255.255.0
ip ospf 110 area 0
!
interface Loopback2
ip address 192.168.6.1 255.255.255.0
ip ospf 110 area 0
!
interface Tunnel0
ip address 192.168.100.2 255.255.255.0
ip ospf 110 area 0
tunnel source 200.1.2.2
tunnel destination 200.1.1.2
tunnel mode ipsec ipv4
tunnel protection ipsec profile ipsecprof
!
interface Ethernet0/0
ip address 200.1.2.2 255.255.255.0
router ospf 110
log-adjacency-changes
ip route 0.0.0.0 0.0.0.0 200.1.2.1

Netscreen与Cisco跑OSPF

Netscreen与Cisco跑OSPF


新闻名称:Netscreen与Cisco跑OSPF
网页路径:http://kswjz.com/article/jcdsio.html
扫二维码与项目经理沟通

我们在微信上24小时期待你的声音

解答本文疑问/技术咨询/运营咨询/技术建议/互联网交流