This is a template for a simple site 2 site between 2 Cisco ASA;
Side A details: internal 192.168.48.0 - external 199.99.9.99
Side B details: internal 192.168.1.0 - external 62.0.62.60
Implement in Side A:
Access-list of the encryption domain
access-list outside_10_cryptomap extended permit ip 192.168.48.0 255.255.255.0 192.168.1.0 255.255.255.0
Access-list that disable nat between the encryption domains ( networks)
access-list inside_nat0_outbound extended permit ip 192.168.48.0 255.255.255.0 192.168.1.0 255.255.255.0
Enable no nat access-list:
nat (inside) 0 access-list inside_nat0_outbound
IPsec setting phase 1:
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
Crypto transfrom set and IPsec setting phase 2:
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto map outside_map 20 match address outside_10_cryptomap
crypto map outside_map 20 set peer 62.0.62.60
crypto map outside_map 20 set transform-set ESP-3DES-SHA
crypto map outside_map interface outside
Enable vpn on the external interface
crypto isakmp enable outside
Set shared key
tunnel-group 62.0.62.60 type ipsec-l2l
tunnel-group 62.0.62.60 ipsec-attributes
pre-shared-key hopeitworks
Implement in Side B:
access-list outside_20_cryptomap extended permit ip 192.168.1.0 255.255.255.0 192.168.48.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 192.168.1.0 255.255.255.0 192.168.48.0 255.255.255.0
nat (inside) 0 access-list inside_nat0_outbound
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto map outside_map 20 match address outside_20_cryptomap
crypto map outside_map 20 set peer 199.99.9.99
crypto map outside_map 20 set transform-set ESP-3DES-SHA
crypto map outside_map interface outside
crypto isakmp enable outside
tunnel-group 199.99.9.99 type ipsec-l2l
tunnel-group 199.99.9.99 ipsec-attributes
pre-shared-key hopeitworks
It is really well-researched content and excellent wording. I got so engaged in this material that I couldn’t wait to read it. Website Development Company In Mumbai-Rankofy
ReplyDeleteTake your luck for a spin on the latest slots to add sizzle to the Golden Nugget's gaming ground. Redd also acquired the patent for the newly created Random Number Generator, which computerized the odds-calculator behind the spinning reels and allowed game makers to regulate 카지노 사이트 volatility. A trendy slot machine, at its core, is nothing greater than an RNG going through tens of millions or billions of numbers always. When a player hits a spin button, they are simply stopping the RNG at a selected second. Everything past that — the music, the mini-games, the actual appearance of spinning reels, Rachel, Monica, and the rest of|the remainder of} the gang keeping you company — is window dressing to keep you hitting spin.
ReplyDeletehttps://saglamproxy.com
ReplyDeletemetin2 proxy
proxy satın al
knight online proxy
mobil proxy satın al
0J2X