總部

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent

#

clock timezone Indian Standard Time minus 05:13:20

clock daylight-saving-time Day Light Saving Time repeating 12:32 9-1 12:32 11-23

00:00 2005 2005

#

portal local-server load portalpage.zip

#

drop illegal-mac alarm

#

set cpu-usage threshold 80 restore 75

#

ipsec proposal tran1

esp authentication-algorithm sha1

esp encryption-algorithm 3des

#

ike peer rut2 v1

exchange-mode aggressive

pre-shared-key simple 123456

nat traversal

#

ipsec policy-template use1 10

ike-peer rut2

proposal tran1

#

ipsec policy policy1 10 isakmp template use1

#

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

local-user admin service-type http

#

firewall zone Local

priority 15

#

interface GigabitEthernet0/0/0

ip address 10.0.5.2 255.255.255.0

ipsec policy policy1

#

interface GigabitEthernet0/0/1

ip address 192.168.3.1 255.255.255.0

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

ip route-static 0.0.0.0 0.0.0.0 10.0.5.1

#

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

分部1 ipsec

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent

#

clock timezone Indian Standard Time minus 05:13:20

clock daylight-saving-time Day Light Saving Time repeating 12:32 9-1 12:32 11-23

00:00 2005 2005

#

portal local-server load portalpage.zip

#

drop illegal-mac alarm

#

set cpu-usage threshold 80 restore 75

#

acl number 3002

rule 5 permit ip source 10.0.3.0 0.0.0.255 destination 192.168.3.0 0.0.0.255

#

ipsec proposal tran1

esp authentication-algorithm sha1

esp encryption-algorithm 3des

#

ike peer rut2 v1

exchange-mode aggressive

pre-shared-key simple 123456

remote-address 10.0.5.2

#

ipsec policy policy1 10 isakmp

security acl 3002

ike-peer rut2

proposal tran1

#

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

local-user admin service-type http

#

firewall zone Local

priority 15

#

interface GigabitEthernet0/0/0

ip address 10.0.1.2 255.255.255.0

ipsec policy policy1

#

interface GigabitEthernet0/0/1

ip address 10.0.3.1 255.255.255.0

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

ip route-static 0.0.0.0 0.0.0.0 10.0.1.1

#

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

分部2-nat

[V200R003C00]

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent

#

clock timezone Indian Standard Time minus 05:13:20

clock daylight-saving-time Day Light Saving Time repeating 12:32 9-1 12:32 11-23

00:00 2005 2005

#

portal local-server load portalpage.zip

#

drop illegal-mac alarm

#

set cpu-usage threshold 80 restore 75

#

acl number 2000

rule 5 permit source 172.16.0.0 0.0.255.255

#

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

local-user admin service-type http

#

firewall zone Local

priority 15

#

interface GigabitEthernet0/0/0

ip address 10.0.2.2 255.255.255.0

nat outbound 2000

#

interface GigabitEthernet0/0/1

ip address 172.16.1.1 255.255.255.0

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

ip route-static 0.0.0.0 0.0.0.0 10.0.2.1

ip route-static 172.16.2.0 255.255.255.0 172.16.1.2

#

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

分部2-ipsec

[V200R003C00]

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent

#

clock timezone Indian Standard Time minus 05:13:20

clock daylight-saving-time Day Light Saving Time repeating 12:32 9-1 12:32 11-23

00:00 2005 2005

#

portal local-server load portalpage.zip

#

drop illegal-mac alarm

#

set cpu-usage threshold 80 restore 75

#

acl number 3002

rule 5 permit ip source 172.16.2.0 0.0.0.255 destination 192.168.3.0 0.0.0.255

#

ipsec proposal tran1

esp authentication-algorithm sha1

esp encryption-algorithm 3des

#

ike peer rut2 v1

exchange-mode aggressive

pre-shared-key simple 123456

nat traversal

remote-address 10.0.5.2

#

ipsec policy policy 10 isakmp

security acl 3002

ike-peer rut2

proposal tran1

#

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

local-user admin service-type http

#

firewall zone Local

priority 15

#

interface GigabitEthernet0/0/0

ip address 172.16.1.2 255.255.255.0

ipsec policy policy

#

interface GigabitEthernet0/0/1

ip address 172.16.2.1 255.255.255.0

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

ip route-static 0.0.0.0 0.0.0.0 172.16.1.1

#

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return[V200R003C00]

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent

#

clock timezone Indian Standard Time minus 05:13:20

clock daylight-saving-time Day Light Saving Time repeating 12:32 9-1 12:32 11-23

00:00 2005 2005

#

portal local-server load portalpage.zip

#

drop illegal-mac alarm

#

set cpu-usage threshold 80 restore 75

#

acl number 3002

rule 5 permit ip source 172.16.2.0 0.0.0.255 destination 192.168.3.0 0.0.0.255

#

ipsec proposal tran1

esp authentication-algorithm sha1

esp encryption-algorithm 3des

#

ike peer rut2 v1

exchange-mode aggressive

pre-shared-key simple 123456

nat traversal

remote-address 10.0.5.2

#

ipsec policy policy 10 isakmp

security acl 3002

ike-peer rut2

proposal tran1

#

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

local-user admin service-type http

#

firewall zone Local

priority 15

#

interface GigabitEthernet0/0/0

ip address 172.16.1.2 255.255.255.0

ipsec policy policy

#

interface GigabitEthernet0/0/1

ip address 172.16.2.1 255.255.255.0

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

ip route-static 0.0.0.0 0.0.0.0 172.16.1.1

#

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

互聯網

[V200R003C00]

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent

#

clock timezone Indian Standard Time minus 05:13:20

clock daylight-saving-time Day Light Saving Time repeating 12:32 9-1 12:32 11-23

00:00 2005 2005

#

portal local-server load portalpage.zip

#

drop illegal-mac alarm

#

set cpu-usage threshold 80 restore 75

#

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

local-user admin service-type http

#

firewall zone Local

priority 15

#

interface GigabitEthernet0/0/0

ip address 10.0.5.1 255.255.255.0

#

interface GigabitEthernet0/0/1

ip address 10.0.1.1 255.255.255.0

#

interface GigabitEthernet0/0/2

ip address 10.0.2.1 255.255.255.0

#

interface NULL0

#

ip route-static 10.0.3.0 255.255.255.0 10.0.1.2

ip route-static 10.0.4.0 255.255.255.0 10.0.2.2

ip route-static 192.168.3.0 255.255.255.0 10.0.5.2

#

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

總部的部分截圖

總結

以上是生活随笔為你收集整理的ipsec ip替换_点到多点ipsec-vpn NAT穿透和固定IP共存的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。