R1
配置IP地址级NAT 定义ACL抓取感兴趣数据流
access-list 100 permit ip host 1.1.1.1 host 2.2.2.2 配置IPSEC
crypto isakmp key ruijie address 2.2.2.2
crypto ipsec transform-set myset esp-3des esp-md5-hmac crypto map mymap 1 ipsec-isakmp set peer 2.2.2.2
set transform-set myset match address 100 配置GRE
interface Tunnel 0
ip address 192.168.3.1 255.255.255.0 tunnel source 1.1.1.1 tunnel destination 2.2.2.2 将crypto map作用在端口 interface Serial 0/3/0 crypto map mymap
配置路由 router ospf 1
network 192.168.1.0 0.0.0.255 area 0
network 192.168.3.0 0.0.0.255 area 0 将GRE隧道的路由发布出去 R3
配置IP地址级NAT 定义ACL抓取感兴趣数据流
access-list 100 permit ip host 2.2.2.2 host 1.1.1.1 配置IPSEC
crypto isakmp key ruijie address 1.1.1.1
crypto ipsec transform-set myset esp-3des esp-md5-hmac crypto map mymap 1 ipsec-isakmp
set peer 1.1.1.1
set transform-set myset match address 100 配置GRE
interface Tunnel 0
ip address 192.168.3.2 255.255.255.0 tunnel source 2.2.2.2 tunnel destination 1.1.1.1 将crypto map作用在端口 interface Serial 0/3/0 crypto map mymap
配置路由 router ospf 1
network 192.168.2.0 0.0.0.255 area 0
network 192.168.3.0 0.0.0.255 area 0 去
将GRE隧道的路由发布出
