CISCO ASA REMOTE ACCESS: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Thomas (Diskussion | Beiträge) |
Thomas (Diskussion | Beiträge) |
||
| Zeile 19: | Zeile 19: | ||
*ciscoasa(config-tunnel-ipsec)# ikev1 pre-shared-key sau-geheim | *ciscoasa(config-tunnel-ipsec)# ikev1 pre-shared-key sau-geheim | ||
| − | =Zusammenfassen | + | =Zusammenfassen dyn-vpn-roadwarrior Transformset AES256-MD5 und Policy [[Cisco Asa ISAKMP Phase1]]= |
*ciscoasa(config)# crypto dynamic-map dyn-vpn-roadwarrior 10 set ikev1 transform-set AES256-MD5 | *ciscoasa(config)# crypto dynamic-map dyn-vpn-roadwarrior 10 set ikev1 transform-set AES256-MD5 | ||
Version vom 15. Februar 2016, 14:40 Uhr
Cisco Asa ISAKMP Phase1
Configuring an Address Pool
- ciscoasa(config)# ip local pool vpn-roadwarrior-pool 172.28.28.10-172.28.28.30 mask 255.255.255.0
User anlegen
- ciscoasa(config)# username thomas password oimel
- ciscoasa(config)# username david password suxer
- ciscoasa(config)# username janning password schmeich
Transformset
- ciscoasa(config)# crypto ipsec ikev1 transform-set AES256-MD5 esp-aes-256 esp-md5-hmac
Typ der Tunnelgruppe festlegen
- ciscoasa(config)# tunnel-group vpn-roadwarrior type remote-access
Attribute der Tunnelgruppe festlegen
- ciscoasa(config)# tunnel-group vpn-roadwarrior general-attributes
Addresspool zuweisen
- ciscoasa(config-tunnel-general)# address-pool vpn-roadwarrior-pool
PSK festlegen
- ciscoasa(config)# tunnel-group vpn-roadwarrior ipsec-attributes
- ciscoasa(config-tunnel-ipsec)# ikev1 pre-shared-key sau-geheim
Zusammenfassen dyn-vpn-roadwarrior Transformset AES256-MD5 und Policy Cisco Asa ISAKMP Phase1
- ciscoasa(config)# crypto dynamic-map dyn-vpn-roadwarrior 10 set ikev1 transform-set AES256-MD5
hostname(config)# crypto dynamic-map dyn1 1 set ikev1 transform-set FirstSet
hostname(config)# crypto dynamic-map dyn1 1 set reverse-route
hostname(config)# crypto map mymap 1 ipsec-isakmp dynamic dyn1
hostname(config)# crypto map mymap interface outside
hostname(config)# write memory