cisco 5510 远程访问***
access-list 120 extended permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0ip local pool ***POOL 192.168.2.1-192.168.2.100 mask 255.255.255.0
nat (inside) 0 access-list 120
crypto ipsec transform-set zlc esp-des esp-md5-hmac
crypto dynamic-map out_dy_map 10 set transform-set zlc
crypto dynamic-map out_dy_map 10 set security-association lifetime seconds 288000
crypto map out_map 10 ipsec-isakmp dynamic out_dy_map
crypto map out_map interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption des
hash md5
group 2
lifetime 86400
exit
crypto isakmp nat-traversal20
group-policy group1 internal
group-policy group1 attributes
dns-server value 60.191.134.196
***-tunnel-protocol IPSec
username XXX password YYY //拨号用的用户名和密码
tunnel-group cisco type ipsec-ra //组名是cisco
tunnel-group cisco general-attributes
address-pool ***POOL
default-group-policy group1
tunnel-group cisco ipsec-attributes
pre-shared-key 123 //123你组的密码
页:
[1]