Router0
Router(config)#route ospf 1 #配置OSPF保证所有设备互通
Router(config-router)#network 192.168.10.0 0.0.0.255 area 0
Router(config-router)#network 172.168.10.0 0.0.0.255 area 0
Router(config)#access-list 101 permit ip 172.168.10.0 0.0.0.255 172.168.20.0 0.0.0.255 #配置感兴趣流
Router(config)#crypto isakmp policy 1
Router(config-isakmp)#authentication pre-share
Router(config-isakmp)#hash sha
Router(config-isakmp)#encryption aes
Router(config)#crypto isakmp key cisco address 192.168.20.1
Router(config)#crypto ipsec transform-set myset esp-des esp-sha-hmac
Router(config)#crypto map mymap 5 ipsec-isakmp
Router(config-crypto-map)#set peer 192.168.20.1
Router(config-crypto-map)#set transform-set myset
Router(config-crypto-map)#match address 101
Router(config)#int fastEthernet 0/0
Router(config-if)#crypto map mymap
Router1
1 Router(config)#router ospf 1 #配置OSPF保证所有设备互通 2 Router(config-router)#network 192.168.10.0 0.0.0.255 area 0 3 Router(config-router)#network 192.168.20.0 0.0.0.255 area 0
Router2
Router(config)#route ospf 1 #配置OSPF保证所有设备互通
Router(config-router)#network 192.168.20.0 0.0.0.255 area 0
Router(config-router)#network 172.168.20.0 0.0.0.255 area 0
1 Router(config)#access-list 101 permit ip 172.168.20.0 0.0.0.255 172.168.10.0 0.0.0.255 2 Router(config)#crypto isakmp policy 1 3 Router(config-isakmp)#authentication pre-share 4 Router(config-isakmp)#hash sha 5 Router(config-isakmp)#encryption aes 6 Router(config)#crypto isakmp key cisco address 192.168.10.1 7 Router(config)#crypto ipsec transform-set myset esp-des esp-sha-hmac 8 Router(config)#crypto map mymap 5 ipsec-isakmp 9 Router(config-crypto-map)#set peer 192.168.10.1 10 Router(config-crypto-map)#set transform-set myset 11 Router(config-crypto-map)#match address 101 12 Router(config)#int fastEthernet 0/0 13 Router(config-if)#crypto map mymap
测试
标签:map,cisco,0.0,crypto,ipsecvpn,isakmp,Router,config From: https://www.cnblogs.com/dragonwin/p/16879896.html