Codice: Seleziona tutto
### LATO 1 ###
crypto isakmp policy 10
encr 3des
hash md5
authentication pre-share
group 2
crypto isakmp key ### address ### no-xauth
crypto ipsec transform-set VPN-SET esp-3des esp-md5-hmac
crypto map VPN local-address dialer1
crypto map VPN 10 ipsec-isakmp
set peer ###
set transform-set VPN-SET
match address 151
interface dialer1
crypto map VPN
no access-list 101
access-list 101 remark *************************************************************
access-list 101 remark *** ACL PER PAT E NAT0 ***
access-list 101 remark *************************************************************
access-list 101 deny ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 101 permit ip 192.168.2.0 0.0.0.255 any
access-list 151 remark *** CRYPTO ACL PER TUNNEL IPSEC ***
access-list 151 remark *************************************************************
access-list 151 permit ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 151 remark *************************************************************
### LATO 2 ###
crypto isakmp policy 10
encr 3des
hash md5
authentication pre-share
group 2
crypto isakmp key ### address ### no-xauth
crypto ipsec transform-set VPN-SET esp-3des esp-md5-hmac
crypto map VPN local-address dialer0
crypto map VPN 10 ipsec-isakmp
set peer ###
set transform-set VPN-SET
match address 151
interface dialer0
crypto map VPN
no access-list 101
access-list 101 remark ************************************************************
access-list 101 remark *** ACL PER PAT ***
access-list 101 deny ip 192.168.1.0 0.0.0.255 192.168.100.0 0.0.0.255
access-list 101 deny ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 101 permit ip 10.0.0.0 0.0.0.255 any
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
access-list 151 remark *** CRYPTO ACL PER TUNNEL IPSEC ***
access-list 151 remark *************************************************************
access-list 151 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 151 remark *************************************************************