Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

Netscreen and Cisco run OSPF

2025-03-30 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >

Share

Shulou(Shulou.com)06/01 Report--

Topology:

ISP Configuration:

Int e0/0

Ip add 200.1.1.1 255.255.255.0

No sh

Int e0/1

Ip add 200.1.2.1 255.255.255.0

No sh

Netscreen Cconfiguration:

Set zone name y1set interface "loopback.1" zone "Home" set interface "loopback.2" zone "Home" set interface "zone" Home "set interface ethernet3 ip 200.1.1.2/24set interface loopback.1 ip 192.168.1.1/24set interface loopback.2 ip 192.168.2.1/24set interface loopback.3 ip 192.168.3.1/24set int tun.1 zone y1set interface tunnel.1 ip 192.168.100.1/24set interface ethernet3 ip manageableset interface loopback.1 Ip manageableset interface loopback.2 ip manageableset interface loopback.3 ip manageableset address "Home"192.168.1.0" 192.168.1.0 255.255.255.0set address "Home"192.168.2.0" 192.168.2.0 255.255.255.0set address "Home"192.168.3.0" 192.168.3.0 255.255.255.0set address "y1"192.168.4.0" 192.168.4.0 255 .255.255.0set address "y1"192.168.5.0" 192.168.5.0 255.255.255.0set address "y1"192.168.6.0" 192.168.6.0 255.255.255.0set group address "Home"zongbu" set group address "Home"zongbu" add "192.168.1.0" set group address "Home"zongbu" add "192.168.2.0" set group address "Home"zongbu" "add" 192.168.3.0 "set group address" y1 "y1-add" set group address "y1"y1-add" add "192.168.4.0" set group address "y1"y1-add" add "192.168.5.0" set group address "y1" y1-add "add" 192.168.6.0 "set ike gateway" to-y1 "address 200.1.2.2 Main outgoing-interface" ethernet3 "preshare" y4KsQRlYNP35xFuFCZCauPCCnpool qc9NEART = "proposal" Pre-g2-3des-md5 "set *" y1 "gateway" to-y1 "no-replay tunnel idletime 0 proposal" g2-esp-3des-md5 "set *" y1 "id 0x2 bind interface tunnel.1set policy id 6 from" Home "to" y1 "zongbu"y1-add"ANY" permit set policy id 5 from "y1" to "Home"y1-add"zongbu"ANY" permit set router-id 1.1.1.1set route 0. 0.0.0/0 gateway 200.1.1.1set interface loopback.1 protocol ospf area 0.0.0.0set interface loopback.1 protocol ospf enableset interface loopback.2 protocol ospf area 0.0.0.0set interface loopback.2 protocol ospf enableset interface loopback.3 protocol ospf area 0.0.0.0set interface loopback.3 protocol ospf enableset interface tunnel.1 protocol ospf area 0.0.0.0set interface tunnel.1 protocol ospf enable

CISCO configuration:crypto isakmp policy 10 encr 3des hash md5 authentication pre-share group 2 crypto isakmp key cisco address 200.1.1.2!! Crypto ipsec transform-set cisco esp-3des esp-md5-hmac! Crypto ipsec profile ipsecprof set transform-set cisco! Interface Loopback0 ip address 192.168.4.1 255.255.255.0 ip ospf 110 area 0! Interface Loopback1 ip address 192.168.5.1 255.255.255.0 ip ospf 110 area 0! Interface Loopback2 ip address 192.168.6.1 255.255.255.0 ip ospf 110 area 0! Interface Tunnel0 ip address 192.168.100.2 255.255.255.0 ip ospf 110 area 0 tunnel source 200.1.2.2 tunnel destination 200.1.1.2 tunnel mode ipsec ipv4 tunnel protection ipsec profile ipsecprof! Interface Ethernet0/0 ip address 200.1.2.2 255.255.255.0router ospf 110 log-adjacency-changesip route 0.0.0.0 0.0.0.0 200.1.2.1

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Network Security

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report