티스토리 뷰

네트워크

CISCO ASA 5506-X

초보의 CHOMAN 2017.12.01 17:47


VPN 설정 CLI



crypto ikev1 policy 10

 authentication pre-share

 encryption 3des

 hash sha

 group 2

 lifetime 86400

 exit


crypto ipsec ikev1 transform-set TRANS-ESP-3DES-SHA esp-3des esp-sha-hmac

crypto ipsec ikev1 transform-set TRANS-ESP-3DES-SHA mode transport

crypto dynamic-map outside_dyn_map 10 set ikev1 transform-set TRANS-ESP-3DES-SHA

crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map

crypto map outside_map interface outside

crypto ikev1 enable outside


ip local pool Address-pool 10.0.0.1-10.0.0.254 mask 255.255.255.0


group-policy L2TP-VPN internal

group-policy L2TP-VPN attributes

 vpn-tunnel-protocol l2tp-ipsec

 default-domain value cisco.com

 username takakocap password speed99 mschap

 exit


tunnel-group DefaultRAGroup general-attributes

address-pool Address-pool

default-group-policy L2TP-VPN

exit


tunnel-group DefaultRAGroup ipsec-attributes

ikev1 pre-shared-key test1234

exit


tunnel-group DefaultRAGroup ppp-attributes

no authentication chap

authentication ms-chap-v2

exit


object network L2TP-Pool

subnet 10.0.0.0 255.255.255.0

exit


nat (inside,outside) source static any any destination static L2TP-Pool L2TP-Pool no-proxy-arp route-lookup

 


'네트워크' 카테고리의 다른 글

rdma (Remote direct memory access)  (0) 2018.09.05
bridge  (0) 2018.08.23
CISCO ASA 5506-X  (0) 2017.12.01
pathping 명령어  (0) 2015.06.12
TCP/UDP 프로토콜 기본 개념  (0) 2015.06.12
nmap 으로 UDP 포트 체크  (0) 2015.06.12
댓글
댓글쓰기 폼