kjh00n's Record Archive

Security Equipment Operation

VPN Lab

kjh00n 2025. 1. 23. 17:31


Basic configuration

PC1
ip 10.10.10.1 255.255.255.0 10.10.10.254

PC2
ip 20.20.20.1 255.255.255.0 20.20.20.254

PC3
ip 30.30.30.1 255.255.255.0 30.30.30.254

PC4
ip 40.40.40.1 255.255.255.0 40.40.40.254

R1
conf t
int fa 0/0
ip addr 10.10.10.254 255.255.255.0
no shu
int fa 0/1
ip addr 1.1.1.1 255.255.255.0
no shu
int fa 1/0
ip addr 3.3.3.1 255.255.255.0
no shu
ip route 0.0.0.0 0.0.0.0 1.1.1.2

R2
conf t
int fa 0/0
ip addr 20.20.20.254 255.255.255.0
no shu
int fa 0/1
ip addr 1.1.1.2 255.255.255.0
no shu
int fa 1/0
ip addr 2.2.2.2 255.255.255.0
no shu
ip route 0.0.0.0 0.0.0.0 2.2.2.4

R3
conf t
int fa 0/0
ip addr 30.30.30.254 255.255.255.0
no shu
int fa 0/1
ip addr 4.4.4.3 255.255.255.0
no shu
int fa 1/0
ip addr 3.3.3.3 255.255.255.0
no shu
ip route 0.0.0.0 0.0.0.0 4.4.4.4

R4
conf t
int fa 0/0
ip addr 40.40.40.254 255.255.255.0
no shu
int fa 0/1
ip addr 4.4.4.4 255.255.255.0
no shu
int fa 1/0
ip addr 2.2.2.4 255.255.255.0
no shu
ip route 0.0.0.0 0.0.0.0 2.2.2.2

VPN policy configuration

R1 [IPsec]
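! Interesting traffic: PC1's LAN to PC4's LAN (R4's ACL 100 is the mirror image)
access-list 100 permit ip 10.10.10.0 0.0.0.255 40.40.40.0 0.0.0.255
! IKE phase 1 policy: pre-shared key, AES, SHA-1, DH group 1 (768-bit MODP)
crypto isakmp policy 10
authentication pre-share
encryption aes
hash sha
group 1
exit
! Pre-shared key for the peer ("0" = the key that follows is unencrypted)
crypto isakmp key 0 1234 address 2.2.2.4 255.255.255.0
! IPsec phase 2: ESP with AES for encryption, AH with SHA-1 HMAC for authentication
crypto ipsec transform-set R14 esp-aes ah-sha-hmac
mode tunnel
exit
! The crypto map ties together the ACL, the transform set and the peer (R4's fa 1/0)
crypto map r14 10 ipsec-isakmp
match address 100
set transform-set R14
set peer 2.2.2.4
exit
! Apply the crypto map on the interface facing R2, where the default route exits
int fa 0/1
crypto map r14
exit
! R2, R3 and R4 below use the same structure with their own subnets and peers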

R2 [IPsec]
access-list 100 permit ip 20.20.20.0 0.0.0.255 30.30.30.0 0.0.0.255
crypto isakmp policy 10
authentication pre-share
encryption aes
hash sha
group 1
exit
crypto isakmp key 0 1234 address 4.4.4.3 255.255.255.0
crypto ipsec transform-set R41 esp-aes ah-sha-hmac
mode tunnel
exit
crypto map r41 10 ipsec-isakmp
match address 100
set transform-set R41
set peer 4.4.4.3
exit
int fa 1/0
crypto map r41
exit

R3 [IPsec]
access-list 100 permit ip 30.30.30.0 0.0.0.255 20.20.20.0 0.0.0.255
crypto isakmp policy 10
authentication pre-share
encryption aes
hash sha
group 1
exit
crypto isakmp key 0 1234 address 2.2.2.2 255.255.255.0
crypto ipsec transform-set R41 esp-aes ah-sha-hmac
mode tunnel
exit
crypto map r41 10 ipsec-isakmp
match address 100
set transform-set R41
set peer 2.2.2.2
exit
int fa 0/1
crypto map r41
exit


R4 [IPsec]
access-list 100 permit ip 40.40.40.0 0.0.0.255 10.10.10.0 0.0.0.255
crypto isakmp policy 10
authentication pre-share
encryption aes
hash sha
group 1
exit
crypto isakmp key 0 1234 address 1.1.1.1 255.255.255.0
crypto ipsec transform-set R41 esp-aes ah-sha-hmac
mode tunnel
exit
crypto map r41 10 ipsec-isakmp
match address 100
set transform-set R41
set peer 1.1.1.1
exit
int fa 1/0
crypto map r41
exit
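
A consistency check for one tunnel of the lab above, as an added example that is not part of the original post: it verifies that each router's set peer address is the address of the other side's crypto-map interface, that the two crypto ACLs mirror each other, and it flags DH groups below 2048-bit MODP. The function names and the simplified parser (it reads only the command forms used on this page) are assumptions of this example.

```python
# Constructed input: the R1 and R4 commands from this page, reduced to the
# lines the checks read (interface address shown inside the crypto-map stanza).
R1 = """access-list 100 permit ip 10.10.10.0 0.0.0.255 40.40.40.0 0.0.0.255
crypto isakmp policy 10
group 1
set peer 2.2.2.4
int fa 0/1
ip addr 1.1.1.1 255.255.255.0
crypto map r14"""
R4 = """access-list 100 permit ip 40.40.40.0 0.0.0.255 10.10.10.0 0.0.0.255
crypto isakmp policy 10
group 1
set peer 1.1.1.1
int fa 1/0
ip addr 2.2.2.4 255.255.255.0
crypto map r41"""

def parse(cfg):
    """Pull peer, crypto ACL, DH group and crypto-map interface from a snippet."""
    r, cur = {"acl": [], "peer": None, "group": None, "ifip": {}, "map_if": None}, None
    for t in (ln.split() for ln in cfg.splitlines() if ln.strip()):
        if t[0] in ("int", "interface"):
            cur = " ".join(t[1:])                 # remember the current interface
        elif t[0] == "ip" and t[1].startswith("addr"):
            r["ifip"][cur] = t[2]
        elif t[0] == "access-list":
            r["acl"].append(tuple(t[4:8]))        # (src, wildcard, dst, wildcard)
        elif t[:2] == ["set", "peer"]:
            r["peer"] = t[2]
        elif t[0] == "group":
            r["group"] = int(t[1])
        elif t[:2] == ["crypto", "map"] and len(t) == 3:
            r["map_if"] = cur                     # map applied under an interface
    return r

def check_pair(name_a, cfg_a, name_b, cfg_b):
    """Return findings for one tunnel: peer addressing, DH group, mirrored ACLs."""
    a, b, out = parse(cfg_a), parse(cfg_b), []
    for n, x, m, y in ((name_a, a, name_b, b), (name_b, b, name_a, a)):
        if x["peer"] != y["ifip"].get(y["map_if"]):
            out.append(f"{n}: peer {x['peer']} is not {m}'s crypto-map interface address")
        if x["group"] in (1, 2, 5):               # 768/1024/1536-bit MODP groups
            out.append(f"{n}: DH group {x['group']} is below 2048-bit MODP")
    if sorted(a["acl"]) != sorted((d, dw, s, sw) for s, sw, d, dw in b["acl"]):
        out.append(f"{name_a}/{name_b}: crypto ACLs are not mirror images")
    return out

if __name__ == "__main__":
    print("\n".join(check_pair("R1", R1, "R4", R4)))
```

For the R1/R4 pair as configured on this page, the peer and ACL checks pass and the only findings are the two DH group 1 entries.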

Results

Ping from PC1 to PC4 (screenshot)
Ping from PC4 to PC1 (screenshot)
Ping from PC2 to PC3 (screenshot)
Ping from PC3 to PC2 (screenshot)
