CISCO ASA REMOTE ACCESS: Unterschied zwischen den Versionen

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen
(Die Seite wurde neu angelegt: „*http://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/vpn_remote_access.html“)
 
Zeile 1: Zeile 1:
 +
 +
 +
hostname(config)# interface ethernet0
 +
 +
hostname(config-if)# ip address 10.10.4.200 255.255.0.0
 +
 +
hostname(config-if)# nameif outside
 +
 +
hostname(config-if)# no shutdown
 +
 +
hostname(config)# crypto ikev1 policy 1
 +
 +
hostname(config-ikev1-policy)# authentication pre-share
 +
 +
hostname(config-ikev1-policy)# encryption 3des
 +
 +
hostname(config-ikev1-policy)# hash sha
 +
 +
hostname(config-ikev1-policy)# group 2
 +
 +
hostname(config-ikev1-policy)# lifetime 43200
 +
 +
hostname(config)# crypto ikev1 enable outside
 +
 +
hostname(config)# ip local pool testpool 192.168.0.10-192.168.0.15
 +
 +
hostname(config)# username testuser password 12345678
 +
 +
hostname(config)# crypto ipsec ikev1 transform-set FirstSet esp-3des esp-md5-hmac
 +
 +
hostname(config)# tunnel-group testgroup type remote-access
 +
 +
hostname(config)# tunnel-group testgroup general-attributes
 +
 +
hostname(config-general)# address-pool testpool
 +
 +
hostname(config)# tunnel-group testgroup ipsec-attributes
 +
 +
hostname(config-ipsec)# ikev1 pre-shared-key 44kkaol59636jnfx
 +
 +
hostname(config)# crypto dynamic-map dyn1 1 set ikev1 transform-set FirstSet
 +
 +
hostname(config)# crypto dynamic-map dyn1 1 set reverse-route
 +
 +
hostname(config)# crypto map mymap 1 ipsec-isakmp dynamic dyn1
 +
 +
hostname(config)# crypto map mymap interface outside
 +
 +
hostname(config)# write memory
 +
 +
 +
 +
 +
 +
 
*http://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/vpn_remote_access.html
 
*http://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/vpn_remote_access.html

Version vom 15. Februar 2016, 14:05 Uhr


hostname(config)# interface ethernet0

hostname(config-if)# ip address 10.10.4.200 255.255.0.0

hostname(config-if)# nameif outside

hostname(config-if)# no shutdown

hostname(config)# crypto ikev1 policy 1

hostname(config-ikev1-policy)# authentication pre-share

hostname(config-ikev1-policy)# encryption 3des

hostname(config-ikev1-policy)# hash sha

hostname(config-ikev1-policy)# group 2

hostname(config-ikev1-policy)# lifetime 43200

hostname(config)# crypto ikev1 enable outside

hostname(config)# ip local pool testpool 192.168.0.10-192.168.0.15

hostname(config)# username testuser password 12345678

hostname(config)# crypto ipsec ikev1 transform-set FirstSet esp-3des esp-md5-hmac

hostname(config)# tunnel-group testgroup type remote-access

hostname(config)# tunnel-group testgroup general-attributes

hostname(config-general)# address-pool testpool

hostname(config)# tunnel-group testgroup ipsec-attributes

hostname(config-ipsec)# ikev1 pre-shared-key 44kkaol59636jnfx

hostname(config)# crypto dynamic-map dyn1 1 set ikev1 transform-set FirstSet

hostname(config)# crypto dynamic-map dyn1 1 set reverse-route

hostname(config)# crypto map mymap 1 ipsec-isakmp dynamic dyn1

hostname(config)# crypto map mymap interface outside

hostname(config)# write memory




Abgerufen von „http://wiki.ixheim.de/index.php?title=CISCO_ASA_REMOTE_ACCESS&oldid=8394