Scribd Logo
Загрузить

Добро пожаловать в Scribd!

  • KS

    Загружено:

    lsalazma
    12 просмотров7 страниц

    Авторское право

    © © All Rights Reserved

    Доступные форматы

    TXT, PDF, TXT или читайте онлайн в Scribd

    Этот документ был вам полезен?

    Это неприемлемый материал?

    Пожаловаться на этот документ

    Авторское право:

    © All Rights Reserved
    Скачайте в формате TXT, PDF, TXT или читайте онлайн в Scribd
    Отметить как неприемлемый контент
    12 просмотров7 страниц

    KS

    Загружено:

    lsalazma

    Авторское право:

    © All Rights Reserved
    Скачайте в формате TXT, PDF, TXT или читайте онлайн в Scribd
    Отметить как неприемлемый контент
    из 7

    KS1>en

    KS1#sh run
    Building configuration...
    Current configuration : 3478 bytes
    !
    version 15.2
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname KS1
    !
    boot-start-marker
    boot-end-marker
    !
    !
    !
    no aaa new-model
    !
    !
    no ipv6 cef
    ip auth-proxy max-login-attempts 5
    ip admission max-login-attempts 5
    !
    !
    !
    !
    !
    ip domain name banco.corp
    ip cef
    !
    multilink bundle-name authenticated
    !
    !
    crypto pki server PKICA
    database level names
    issuer-name CN=KS1 L=ANT C=CO
    !
    crypto pki trustpoint PKICA
    revocation-check crl
    rsakeypair PKICA
    !
    !
    crypto pki certificate chain PKICA
    certificate ca 01
    3082020B 30820174 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
    19311730 15060355 0403130E 4B533120 4C3D414E 5420433D 434F301E 170D3134
    30383136 30393032 35355A17 0D313730 38313530 39303235 355A3019 31173015
    06035504 03130E4B 5331204C 3D414E54 20433D43 4F30819F 300D0609 2A864886
    F70D0101 01050003 818D0030 81890281 8100E7D6 98C802B4 3BACF1A6 F472CDDE
    4844C007 062A6337 78C49641 819C1935 CFDB8AED 8C8EECCD 10C0C030 4213153A
    932212A6 D40DD654 FDDAE6C2 381950CC E599FB81 8B35EEE7 85B37CDF E62D382F
    76BF99DD 2175C189 F1898870 AC0AACAE EEAB8CD9 E7ADB28B A94FECC5 DD9FC5F0
    7C4EDE1C FB9E2FB4 87F2F154 92B4F22C B2850203 010001A3 63306130 0F060355
    1D130101 FF040530 030101FF 300E0603 551D0F01 01FF0404 03020186 301F0603
    551D2304 18301680 141F6350 10FB6A52 27E2D067 7516BD30 3B398897 9A301D06
    03551D0E 04160414 1F635010 FB6A5227 E2D06775 16BD303B 3988979A 300D0609
    2A864886 F70D0101 04050003 818100E2 A6A75620 07BDC2E8 1BC91603 C8587AB1
    EFB8F65F CE22A364 84884BB5 F667F892 AC8963BC FB3F83A8 1B0370CA D2377464
    3E7F6AB0 D4C48E9C 2B10609D F38C9099 45F979B6 8889024D 748D2D31 482D5897
    C2CD0B7C 14A5C839 34C84C64 E26FB1AB 80D70FF8 F9CB9BAB E7BF85F1 3CC4E0C8
    9C654DC1 8564A8DC 964012D1 ED91CF
    quit
    license udi pid CISCO1921/K9 sn FGL153421XV
    !
    !
    username cisco privilege 15 secret 4 tnhtc92DXBhelxjYk8LWJrPV36S2i4ntXrpb4RFmfqY
    !
    redundancy
    !
    !
    !
    !
    !
    !
    !
    crypto isakmp policy 10
    authentication pre-share
    group 2
    crypto isakmp key COOP address 172.16.100.2
    crypto isakmp keepalive 10 periodic
    !
    !
    crypto ipsec transform-set AES128 esp-aes esp-sha-hmac
    mode tunnel
    !
    crypto ipsec profile IPSEC_PROFILE
    set security-association lifetime seconds 7200
    set transform-set AES128
    !
    !
    crypto gdoi group GDOI
    identity number 100
    server local
    rekey algorithm aes 128
    rekey lifetime seconds 21600
    rekey retransmit 10 number 2
    rekey authentication mypubkey rsa GETKEY
    rekey transport unicast
    sa ipsec 1
    profile IPSEC_PROFILE
    match address ipv4 ACL
    replay counter window-size 64
    address ipv4 172.16.100.1
    redundancy
    local priority 250
    peer address ipv4 172.16.100.2
    !
    !
    crypto map CRYPTOMAP 1 gdoi
    set group GDOI
    !
    !
    !
    !
    !
    interface Embedded-Service-Engine0/0
    no ip address
    shutdown
    !
    interface GigabitEthernet0/0
    ip address 172.16.100.1 255.255.255.0
    duplex auto
    speed auto
    crypto map CRYPTOMAP
    !
    interface GigabitEthernet0/1
    no ip address
    shutdown
    duplex auto
    speed auto
    !
    ip forward-protocol nd
    !
    ip http server
    no ip http secure-server
    !
    !
    ip access-list extended ACL
    permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
    !
    !
    !
    !
    control-plane
    !
    !
    !
    line con 0
    line aux 0
    line 2
    no activation-character
    no exec
    transport preferred none
    transport input all
    transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
    stopbits 1
    line vty 0 4
    login
    transport input all
    !
    scheduler allocate 20000 1000
    !
    end
    KS1#
    KS1#
    KS1 con0 is now available
    Press RETURN to get started.
    KS1>en
    KS1#sh run
    Building configuration...
    Current configuration : 3478 bytes
    !
    version 15.2
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname KS1
    !
    boot-start-marker
    boot-end-marker
    !
    !
    !
    no aaa new-model
    !
    !
    no ipv6 cef
    ip auth-proxy max-login-attempts 5
    ip admission max-login-attempts 5
    !
    !
    !
    !
    !
    ip domain name banco.corp
    ip cef
    !
    multilink bundle-name authenticated
    !
    !
    crypto pki server PKICA
    database level names
    issuer-name CN=KS1 L=ANT C=CO
    !
    crypto pki trustpoint PKICA
    revocation-check crl
    rsakeypair PKICA
    !
    !
    crypto pki certificate chain PKICA
    certificate ca 01
    3082020B 30820174 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
    19311730 15060355 0403130E 4B533120 4C3D414E 5420433D 434F301E 170D3134
    30383136 30393032 35355A17 0D313730 38313530 39303235 355A3019 31173015
    06035504 03130E4B 5331204C 3D414E54 20433D43 4F30819F 300D0609 2A864886
    F70D0101 01050003 818D0030 81890281 8100E7D6 98C802B4 3BACF1A6 F472CDDE
    4844C007 062A6337 78C49641 819C1935 CFDB8AED 8C8EECCD 10C0C030 4213153A
    932212A6 D40DD654 FDDAE6C2 381950CC E599FB81 8B35EEE7 85B37CDF E62D382F
    76BF99DD 2175C189 F1898870 AC0AACAE EEAB8CD9 E7ADB28B A94FECC5 DD9FC5F0
    7C4EDE1C FB9E2FB4 87F2F154 92B4F22C B2850203 010001A3 63306130 0F060355
    1D130101 FF040530 030101FF 300E0603 551D0F01 01FF0404 03020186 301F0603
    551D2304 18301680 141F6350 10FB6A52 27E2D067 7516BD30 3B398897 9A301D06
    03551D0E 04160414 1F635010 FB6A5227 E2D06775 16BD303B 3988979A 300D0609
    2A864886 F70D0101 04050003 818100E2 A6A75620 07BDC2E8 1BC91603 C8587AB1
    EFB8F65F CE22A364 84884BB5 F667F892 AC8963BC FB3F83A8 1B0370CA D2377464
    3E7F6AB0 D4C48E9C 2B10609D F38C9099 45F979B6 8889024D 748D2D31 482D5897
    C2CD0B7C 14A5C839 34C84C64 E26FB1AB 80D70FF8 F9CB9BAB E7BF85F1 3CC4E0C8
    9C654DC1 8564A8DC 964012D1 ED91CF
    quit
    license udi pid CISCO1921/K9 sn FGL153421XV
    !
    !
    username cisco privilege 15 secret 4 tnhtc92DXBhelxjYk8LWJrPV36S2i4ntXrpb4RFmfqY
    !
    redundancy
    !
    !
    !
    !
    !
    !
    !
    crypto isakmp policy 10
    authentication pre-share
    group 2
    crypto isakmp key COOP address 172.16.100.2
    crypto isakmp keepalive 10 periodic
    !
    !
    crypto ipsec transform-set AES128 esp-aes esp-sha-hmac
    mode tunnel
    !
    crypto ipsec profile IPSEC_PROFILE
    set security-association lifetime seconds 7200
    set transform-set AES128
    !
    !
    crypto gdoi group GDOI
    identity number 100
    server local
    rekey algorithm aes 128
    rekey lifetime seconds 21600
    rekey retransmit 10 number 2
    rekey authentication mypubkey rsa GETKEY
    rekey transport unicast
    sa ipsec 1
    profile IPSEC_PROFILE
    match address ipv4 ACL
    replay counter window-size 64
    address ipv4 172.16.100.1
    redundancy
    local priority 250
    peer address ipv4 172.16.100.2
    !
    !
    crypto map CRYPTOMAP 1 gdoi
    set group GDOI
    !
    !
    !
    !
    !
    interface Embedded-Service-Engine0/0
    no ip address
    shutdown
    !
    interface GigabitEthernet0/0
    ip address 172.16.100.1 255.255.255.0
    duplex auto
    speed auto
    crypto map CRYPTOMAP
    !
    interface GigabitEthernet0/1
    no ip address
    shutdown
    duplex auto
    speed auto
    !
    ip forward-protocol nd
    !
    ip http server
    no ip http secure-server
    !
    !
    ip access-list extended ACL
    permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
    !
    !
    !
    !
    control-plane
    !
    !
    !
    line con 0
    line aux 0
    line 2
    no activation-character
    no exec
    transport preferred none
    transport input all
    transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
    stopbits 1
    line vty 0 4
    login
    transport input all
    !
    scheduler allocate 20000 1000
    !
    end
    KS1#

    Вам также может понравиться