标签:
IPSEC OVER GRE的配置:
1.建立一个GRE的接口:
interface Tunnel0
ip address 172.16.1.2 255.255.255.0
source 200.1.1.2
detination 200.1.1.3
2.建立IPsec的IKE的Proposal
ike proposal 1
ipsec proposal 1
3配置IKE的peer
ike peer r3
pre-shared-key 123456
remote-address 172.16.1.1
local-address 172.16.1.10
4配置IPsecDE POLICY
ipsec policy test isakmp
security acl 3000
5.配置分离隧道:
acl 3000
rule permit ip source 192.168.1.0 0.0.0.0 destination 192.168.3.0 0.0.0.0
6.配置访问VPN私网的数据走Tunnel接口:
ip route-static 192.168.3.0 0.0.0.0 tunnel0
7.将IPsec的policy应用到Tunnel接口
interface tunnel0
ipsec policy test
标签:
原文地址:http://www.cnblogs.com/maco/p/5067381.html
