38 lines
733 B
Plaintext
38 lines
733 B
Plaintext
|
crypto ikev2 keyring KEYR1
|
||
|
peer R2
|
||
|
address 198.51.100.2
|
||
|
pre-shared-key local Cisco
|
||
|
pre-shared-key remote Cisco
|
||
|
|
||
|
|
||
|
crypto ikev2 profile Profil1
|
||
|
match identity remote address 198.51.100.2 255.255.255.255
|
||
|
authentication local pre-share
|
||
|
authentication remote pre-share
|
||
|
keyring local KEYR1
|
||
|
|
||
|
|
||
|
crypto ikev2 proposal ikeprop1
|
||
|
integrity sha256 sha384 sha512
|
||
|
group 14 15
|
||
|
encryption aes-cbc-128 aes-cbc-256
|
||
|
|
||
|
crypto ikev2 policy ikepol1
|
||
|
proposal ikeprop1
|
||
|
|
||
|
ip access-list extended ACLR2
|
||
|
permit ip 192.168.3.0 0.0.0.255 192.168.2.0 0.0.0.255
|
||
|
|
||
|
crypto ipsec transform-set TR1 esp-sha256-hmac esp-aes
|
||
|
|
||
|
crypto map CM1 10 ipsec-isakmp
|
||
|
match address ACLR2
|
||
|
set peer 198.51.100.2
|
||
|
set transform-set TR1
|
||
|
set ikev2-profile Profil1
|
||
|
|
||
|
|
||
|
int g0/1
|
||
|
crypto map CM1
|
||
|
|