FLexVPN HUB-SPOKE
Dla R2, R3, R4:
crypto ikev2 keyring KEYR1
peer R1
address 192.0.2.1
pre-shared-key local Cisco
pre-shared-key remote Cisco

crypto ikev2 profile Profil1
match identity remote address 192.0.2.1 255.255.255.255
authentication local pre-share
authentication remote pre-share
keyring local KEYR1

crypto ipsec transform-set TR1 esp-sha256-hmac esp-aes

crypto ipsec profile IPprof1
set transform-set TR1
set ikev2-profile Profil1

#####

Dla R2:
int loopback 3
ip add 2.2.2.2 255.255.255.255

Dla R3:
int loopback 3
ip add 3.3.3.3 255.255.255.255

Dla R4:
int loopback 3
ip add 4.4.4.4 255.255.255.255

Dla wszystkich Spoke (R2, R3, R4):
int tun 12
ip unnumbered loopback 3
tunnel source g0/1
tunnel destination 192.0.2.1
tunnel protection ipsec profile IPprof1

#####
Koncentrator (R1):

crypto ikev2 keyring KEYR1
peer ANYROUTER
address 0.0.0.0
pre-shared-key local Cisco
pre-shared-key remote Cisco

crypto ikev2 profile Profil1
match identity remote address 0.0.0.0 0.0.0.0
authentication local pre-share
authentication remote pre-share
keyring local KEYR1
virtual-template 1


crypto ipsec transform-set TR1 esp-sha256-hmac esp-aes

crypto ipsec profile IPprof1
set transform-set TR1
set ikev2-profile Profil1

int loopback 3
ip add 1.1.1.1 255.255.255.255

interface virtual-template 1 type tunnel
tunnel source g0/1
ip unnumbered loopback 3
tunnel protection ipsec profile IPprof1

####
Dla R1:
router eigrp 1
network 1.1.1.1 0.0.0.0

Dla R2:
router eigrp 1
network 2.2.2.2 0.0.0.0
network 172.16.2.0 0.0.0.255
network 192.168.2.0 0.0.0.255

Dla R3:
router eigrp 1
network 3.3.3.3 0.0.0.0
network 172.16.3.0 0.0.0.255
network 192.168.3.0 0.0.0.255

Dla R4:
router eigrp 1
network 4.4.4.4 0.0.0.0
network 172.16.4.0 0.0.0.255
network 192.168.4.0 0.0.0.255