本帖最后由 宅男女神 于 2015-9-10 10:53 编辑
课程介绍:
DMVPN配置大全_经典DY VPN配置模型和命令
课程目录及截图:(超清原画品质哦)
DMVPN配置大全_经典DY VPN配置模型和命令
ciscoasa# sh crypto ipsec sa
interface: outside
Crypto map tag: asa, seq num: 10, local addr: 12.0.0.2
access-list yx permit ip 172.16.2.0 255.255.255.0 172.16.1.0 255.255.255.0
local ident (addr/mask/prot/port): (172.16.2.0/255.255.255.0/0/0)
remote ident (addr/mask/prot/port): (172.16.1.0/255.255.255.0/0/0)
current_peer: 12.0.0.1
#pkts encaps: 25, #pkts encrypt: 25, #pkts digest: 25
#pkts decaps: 25, #pkts decrypt: 25, #pkts verify: 25
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 25, #pkts comp failed: 0, #pkts decomp failed: 0
#pre-frag successes: 0, #pre-frag failures: 0, #fragments created: 0
#PMTUs sent: 0, #PMTUs rcvd: 0, #decapsulated frgs needing reassembly: 0
#send errors: 0, #recv errors: 0
local crypto endpt.: 12.0.0.2, remote crypto endpt.: 12.0.0.1
path mtu 1500, ipsec overhead 58, media mtu 1500
current outbound spi: 12EFEA9D
inbound esp sas:
spi: 0x5B47544F (1531401295)
transform: esp-3des esp-sha-hmac none
in use settings ={L2L, Tunnel, }
slot: 0, conn_id: 4096, crypto-map: asa
sa timing: remaining key lifetime (kB/sec): (4274998/3392)
IV size: 8 bytes
replay detection support: Y
outbound esp sas:
spi: 0x12EFEA9D (317713053)
transform: esp-3des esp-sha-hmac none
in use settings ={L2L, Tunnel, }
slot: 0, conn_id: 4096, crypto-map: asa
sa timing: remaining key lifetime (kB/sec): (4274998/3392)
IV size: 8 bytes
replay detection support: Y
ciscoasa# sh run
: Saved
:
ASA Version 8.0(2)
!
hostname ciscoasa
enable password 8Ry2YjIyt7RRXU24 encrypted
names
!
interface Ethernet0/0
nameif outside
security-level 0
ip address 12.0.0.2 255.255.255.0
!
interface Ethernet0/1
nameif inside
security-level 100
ip address 172.16.2.1 255.255.255.0
!
interface Ethernet0/2
shutdown
no nameif
no security-level
no ip address
!
interface Ethernet0/3
shutdown
no nameif
no security-level
no ip address
!
interface Ethernet0/4
shutdown
no nameif
no security-level
no ip address
!
interface Ethernet0/5
shutdown
no nameif
no security-level
no ip address
!
passwd 2KFQnbNIdI.2KYOU encrypted
ftp mode passive
access-list 100 extended permit icmp any any echo-reply
access-list 100 extended permit esp host 12.0.0.1 host 12.0.0.2
access-list 100 extended permit udp host 12.0.0.1 host 12.0.0.2 eq isakmp
access-list 100 extended permit icmp any any
access-list yx extended permit ip 172.16.2.0 255.255.255.0 172.16.1.0 255.255.255.0
pager lines 24
mtu outside 1500
mtu inside 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
access-group 100 in interface outside
route outside 172.16.1.0 255.255.255.0 12.0.0.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set set-10 esp-3des esp-sha-hmac
crypto map asa 10 match address yx
crypto map asa 10 set peer 12.0.0.1
crypto map asa 10 set transform-set set-10
crypto map asa interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption des
hash md5
group 2
lifetime 86400
crypto isakmp policy 65535
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet timeout 5
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
!
service-policy global_policy global
tunnel-group 12.0.0.1 type ipsec-l2l
tunnel-group 12.0.0.1 ipsec-attributes
pre-shared-key *
prompt hostname context
Cryptochecksum:2278e33d002920269f8c18c5f1f9f579
: end
ciscoasa#
=======================
下载链接:
免回复? 免金币? 批量下载? 精品资料? 加入论坛VIP学习组会员
--->点这里一次轻松下载该视频的所有分集
免费订阅论坛新帖邮件推送,最新资料早知道~~
批量下载/精品资料--->请关注VIP专区
攻城狮论坛最新IT技术视频学习教程汇总(大于5000G+每天更新)
金币不够用?来这里看看吧~~10种方法轻松拿金币~~~
论坛快捷链接:| 最新视频发布?--->点这里 | 最全网络书籍下载?--->点这里 | 下载链接失效?--->点这里 | 关注微信/微博?---> 点这里 | | 官方考试报名?--->点这里 | 求工作/接私活?--->点这里 | 附件批量免费下?---> 点这里 | 论坛金币免费领?---> 点这里 |
能帮助您和更多的人找到自己想要的资料并取得更大进步,是我们最大的愿望。 |
|
|
所有IT类厂商认证考试题库下载
【新盟教育】2023最新华为HCIA全套视频合集【网工基础全覆盖】---国sir公开课合集
【新盟教育】网工小白必看的!2023最新版华为认证HCIA Datacom零基础全套实战课
原创_超融合自动化运维工具cvTools
重量级~~30多套JAVA就业班全套 视频教程(请尽快下载,链接失效后不补)
链接已失效【超过几百G】EVE 国内和国外镜像 全有了 百度群分享
某linux大佬,积累多年的电子书(约300本)
乾颐堂现任明教教主Python完整版
乾颐堂 教主技术进化论 2018-2019年 最新31-50期合集视频(各种最新技术杂谈视频)
Python学习视频 0起点视频 入门到项目实战篇 Python3.5.2视频教程 共847集 能学102天
约21套Python视频合集 核心基础视频教程(共310G,已压缩)
最新20180811录制 IT爱好者-清风羽毛 - 网络安全IPSec VPN实验指南视频教程
最新20180807录制EVE开机自启动虚拟路由器并桥接物理网卡充当思科路由器
[复制链接]
