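! AAA method lists. Every login, exec-authorization and VPN (xauth / group)
! list below resolves to the router's local user database only; no RADIUS or
! TACACS+ server appears in this listing.
! NOTE(review): extraction residue (runs of random characters fused onto the
! start and end of lines) has been stripped from this section; the directives
! themselves are unchanged.
aaa new-model
!
!
! The default login list also governs the console, aux and vty lines.
aaa authentication login default local
! NOTE(review): only the _3 xauth and group lists are referenced by crypto map
! SDM_CMAP_2 further down; the _1 and _2 lists look like leftovers from
! earlier SDM wizard runs. Confirm and remove unused lists.
aaa authentication login sdm_vpn_xauth_ml_1 local
aaa authentication login sdm_vpn_xauth_ml_2 local
aaa authentication login sdm_vpn_xauth_ml_3 local
aaa authorization exec default local
aaa authorization network sdm_vpn_group_ml_1 local
aaa authorization network sdm_vpn_group_ml_2 local
aaa authorization network sdm_vpn_group_ml_3 local
!
aaa session-id common
!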
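! Global platform settings: CEF switching, domain name, VPDN (needed for the
! PPPoE client on GigabitEthernet0/0) and the voice card.
! NOTE(review): extraction residue stripped; directives unchanged.
resource policy
!
ip subnet-zero
ip cef
!
!
!
!
! NOTE(review): cisco.com looks like a placeholder. The domain name becomes
! part of the router's FQDN (used, for example, when naming the RSA key pair
! for SSH); set it to a domain the operator actually controls.
ip domain name cisco.com
vpdn enable
!
! NOTE(review): no sub-commands are visible under this vpdn-group; they may
! have been omitted by the poster. Verify against the running device.
vpdn-group office
!
!
voice-card 0
 no dspfarm
!
!
!
!
!
!
!
!
!
!
!
!
!
!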
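! Local privilege-15 (full administrative) account; the name was redacted by
! the poster. This one account backs every AAA list in the listing: device
! login, exec authorization and VPN xauth.
! NOTE(review): "secret 5" is a salted MD5-crypt hash. Once such a hash has
! been published the password should be treated as exposed and rotated, since
! it can be tested offline. Where the IOS release supports it, prefer a
! stronger secret type (for example "algorithm-type scrypt"), and use separate
! non-privileged accounts for VPN users.
username ****** privilege 15 secret 5 $1$DSeL$OBM9e08GL4gcylkzAMCsb.
!
!
!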
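! IKE phase 1 (ISAKMP) proposals for the remote-access VPN. The lower policy
! number is preferred, so policy 1 is offered and accepted ahead of policy 2.
! NOTE(review): extraction residue stripped. The DH groups are read as 2 and 5
! (the digit fused after each was residue, matching the pattern on other
! lines); verify against the device.
! NOTE(review): policy 1 (3DES, DH group 2) is a legacy suite and, being the
! preferred policy, is what a client offering it will negotiate. If all
! clients support policy 2, remove policy 1. No hash is configured in either
! policy, so the platform default applies; set it explicitly.
crypto isakmp policy 1
 encr 3des
 authentication pre-share
 group 2
!
! NOTE(review): AES-256 is fine, but DH group 5 is weaker than current
! guidance; move to group 14 or higher where the release and clients allow.
crypto isakmp policy 2
 encr aes 256
 authentication pre-share
 group 5
 lifetime 7200
! Seconds allowed for the user to answer the xauth prompt.
crypto isakmp xauth timeout 15
!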
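! Easy VPN client group: the group name and key are what a remote client
! presents before xauth user authentication takes place.
! NOTE(review): extraction residue stripped; the group name is read as "test".
! NOTE(review): the pre-shared key is the literal "test", identical to the
! group name and stored in cleartext. Replace it with a long random key and
! enable type-6 key encryption ("key config-key password-encrypt" together
! with "password encryption aes") so it is not readable in the config. Any
! copy of this config that has been shared should be assumed to have
! disclosed the key.
crypto isakmp client configuration group test
 key test
 pool SDM_POOL_1
 ! max-users is 100, but SDM_POOL_1 (10.0.0.55 - 10.0.0.60) has 6 addresses.
 max-users 100
 netmask 255.255.255.0
!
!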
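! IPsec phase 2 and the crypto map that ties the VPN together.
! NOTE(review): extraction residue stripped; the dynamic-map sequence is read
! as 1, the xauth list as sdm_vpn_xauth_ml_3.
! ESP with AES-256 encryption and HMAC-SHA integrity.
crypto ipsec transform-set zhang esp-aes 256 esp-sha-hmac
!
! Dynamic map: accepts peers whose address is not known in advance.
! reverse-route installs a route to each connected client's assigned address.
! NOTE(review): no PFS group is set on the dynamic map; consider "set pfs".
crypto dynamic-map SDM_DYNMAP_1 1
 set transform-set zhang
 reverse-route
!
!
! xauth user authentication and group authorization both use the local user
! database (lists sdm_vpn_xauth_ml_3 and sdm_vpn_group_ml_3).
crypto map SDM_CMAP_2 client authentication list sdm_vpn_xauth_ml_3
crypto map SDM_CMAP_2 isakmp authorization list sdm_vpn_group_ml_3
crypto map SDM_CMAP_2 client configuration address respond
crypto map SDM_CMAP_2 65535 ipsec-isakmp dynamic SDM_DYNMAP_1
!
!
!
!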
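! Loopback marked "ip nat inside". Route-map net-10 (applied on Dialer1)
! sets next-hop 10.2.1.2, an address inside this loopback's subnet.
! NOTE(review): presumably this steers policy-routed traffic through the
! loopback so that NAT processing applies to it - confirm the intent.
! Extraction residue stripped; directives unchanged.
interface Loopback100
 ip address 10.2.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!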
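! WAN-facing physical port. It carries no IP address of its own; it runs the
! PPPoE client bound to dialer pool 1 (interface Dialer1).
! NOTE(review): extraction residue stripped; dial-pool-number is read as 1,
! matching "dialer pool 1" on Dialer1. The description is an SDM-generated tag.
interface GigabitEthernet0/0
 description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$
 no ip address
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
 media-type rj45
 negotiation auto
 pppoe enable
 pppoe-client dial-pool-number 1
!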
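! Inside LAN interface, 10.0.0.23/24.
! NOTE(review): the VPN client pool SDM_POOL_1 (10.0.0.55 - 10.0.0.60) is
! carved out of this same /24, so VPN clients share the LAN's address space
! with no routed boundary between them where filtering could be applied.
! A dedicated VPN subnet makes access control and logging easier.
! Extraction residue stripped; the mask is read as 255.255.255.0.
interface GigabitEthernet0/1
 ip address 10.0.0.23 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
 media-type rj45
 negotiation auto
!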
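! Internet-facing PPPoE dialer: negotiated address, NAT outside, the default
! route points here and the VPN crypto map is terminated here.
! NOTE(review): extraction residue stripped; the crypto map name is read as
! SDM_CMAP_2, the only crypto map defined in the listing.
! NOTE(review): no inbound "ip access-group" is applied, so every service the
! router itself runs (the HTTP server, the vty lines without an access-class)
! is reachable from the Internet side unless filtered elsewhere. Add an
! inbound ACL that permits only IKE/ESP/NAT-T and required return traffic.
interface Dialer1
 ip address negotiated
 ip mtu 1492
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 ip policy route-map net-10
 dialer pool 1
 dialer idle-timeout 0
 dialer-group 1
 ppp authentication pap callin
 ! Type 0 means the ISP credentials are stored in cleartext (redacted by the
 ! poster). Enable "service password-encryption" at minimum so they are not
 ! readable at a glance in shared configs or backups.
 ppp chap hostname ******
 ppp chap password 0 *****
 ppp pap sent-username ***** password 0 *****
 crypto map SDM_CMAP_2
!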
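! VPN address pool, default route and the web management service.
! NOTE(review): extraction residue stripped; directives unchanged.
! Six addresses, taken from the GigabitEthernet0/1 LAN subnet.
ip local pool SDM_POOL_1 10.0.0.55 10.0.0.60
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
!
!
! NOTE(review): the web UI runs over cleartext HTTP with HTTPS explicitly
! disabled, and no "ip http access-class" restricts who may connect. Logins
! use the local privilege-15 account, so its password crosses the wire
! unencrypted. Prefer "no ip http server" plus "ip http secure-server", and
! bind the service to a management ACL such as access-list 9.
ip http server
ip http authentication local
no ip http secure-server
!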
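! Standard and extended ACLs plus the dialer interesting-traffic list.
! NOTE(review): extraction residue stripped. The ACL 9 host is read as
! 10.0.0.3 (the following digit matched the residue pattern seen on other
! lines); verify against the device, because this ACL decides who may reach
! vty 0-4.
! ACL 1 matches all of 10.0.0.0/8; nothing in this listing references it.
access-list 1 remark SDM_ACL Category=16
access-list 1 permit 10.0.0.0 0.255.255.255
! ACL 9: management source allowed on vty 0-4 (access-class 9 in).
access-list 9 permit 10.0.0.3
! ACL 111: traffic from host 10.0.0.1, matched by route-map net-10.
access-list 111 permit ip host 10.0.0.1 any
dialer-list 1 protocol ip permit
!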
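! Policy-routing and route-map definitions.
! NOTE(review): extraction residue stripped; the ACL number under SDM_RMAP_1
! is read as 101.
! net-10 is applied with "ip policy route-map" on Dialer1: packets matching
! ACL 111 (source host 10.0.0.1) are forwarded to next-hop 10.2.1.2.
route-map net-10 permit 1
 match ip address 111
 set ip next-hop 10.2.1.2
!
! NOTE(review): access-list 101 is not defined anywhere in this listing and
! SDM_RMAP_1 is not referenced by any NAT or policy statement shown. Either
! parts of the config were omitted or this is a leftover; a route-map that
! matches an undefined ACL may not filter the way the author expects, so
! define the ACL or remove the route-map.
route-map SDM_RMAP_1 permit 1
 match ip address 101
!
!
!
!
! NOTE(review): the control plane has no policing or protection configured.
control-plane
!
!
!
!
!
!
!
!
!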
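! Login banner and terminal lines.
! NOTE(review): extraction residue stripped; "stopbits 1", "password cisco",
! "line vty 4" and "line vty 5 15" are read with the fused trailing character
! removed. The banner text and its closing delimiter appear to have been lost
! in the paste; restore them before loading this config, otherwise the lines
! that follow would be read as banner text.
! NOTE(review): vty 0-4 are limited to SSH from ACL 9, but vty 5-15 accept
! Telnet with no access-class. Telnet carries the local privilege-15
! credentials in cleartext, and with no inbound ACL on Dialer1 these lines are
! reachable from the Internet side. Apply "transport input ssh" and
! "access-class 9 in" to vty 5 15 as well.
! NOTE(review): "password cisco" on vty 0-3 is a well-known default-style
! value. With "aaa authentication login default local" the line password is
! presumably not consulted at login; remove it rather than leave it in place.
banner login ^C
!
line con 0
 stopbits 1
line aux 0
 stopbits 1
line vty 0 3
 access-class 9 in
 password cisco
 transport input ssh
line vty 4
 access-class 9 in
 transport input ssh
line vty 5 15
 transport input telnet
!
scheduler allocate 20000 1000
!
end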