Popular
Latest Articles
- How to Secure your Cisco Router
- Creating CLI Views on a Cisco Router
- Configuring TACACS+ on a Cisco Router
- How to enable SDM on your router
- Build a Samba Server on Redhat / CentOS
- How to set the Time / Date and Timezone in CentOS
- How to install SSH on Solaris 10 x86
- ESX4 - How do I turn on/off a Virtual Machine from the command line ?
PIX - VPN - Remote Access
Sunday, 18 May 2008 13:39
6.x
(config)#username 123 password 123
(config)#isakmp enable outside
(config)#ip local pool VPNIP 10.0.10.10-10.0.10.20 mask 255.255.255.0
(config)#isakmp policy 1 authentication pre-share
(config)#isakmp policy 1 encryption 3des
(config)#isakmp policy 1 hash sha
(config)#isakmp policy 1 group 2
(config)#isakmp policy 1 lifetime 43200
(config)# crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
(config)#crypto dynamic-map outside_dyn_map 10 set transform-set ESP-3DES-SHA
(config)#crypto map outside_map 10 ipsec-isakmp dynamic outside_dyn_map
config)#crypto dynamic-map Outside_dyn_map2 20 set reverse-route
(config)# crypto map outside_map2 interface outside
(config)#crypto isakmp nat-traversal
(config)#sysopt connection permit-ipsec
(config)#vpngroup VPNGRP password 123
(config)#vpngroup VPNGRP address VPNIP
(config)#vpngroup VPNGRP idle-time 1200
(config)#isakmp keepalive 30 10
(config)#access-list 121 permit ip 192.168.0.0 255.255.255.0 10.0.10.0 255.255.255.0
(config)#nat (inside) 0 access-list 121
7.x
(config)#username 123 password 123
(config)#isakmp enable outside
(config)#ip local pool VPNIP 10.0.10.10-10.0.10.20 mask 255.255.255.0
(config)#isakmp policy 1 authentication pre-share
(config)#isakmp policy 1 encryption 3des
(config)#isakmp policy 1 hash sha
(config)#isakmp policy 1 group 2
(config)#isakmp policy 1 lifetime 43200
(config)#crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
(config)#crypto dynamic-map outside_dyn_map 10 set transform-set ESP-3DES-SHA
(config)#crypto map Outside_map 10 ipsec-isakmp dynamic Outside_dyn_map
(config)#crypto dynamic-map Outside_dyn_map 10 set reverse-route
(config)#crypto dynamic-map outside_dyn_map 10 set security-association lifetime seconds 288000
(config)#crypto map outside_map interface outside
(config)#crypto isakmp nat-traversal
(config)#sysopt connection permit-ipsec
(config)#group-policy homevpn internal
(config)#group-policy homevpn attributes
(config)#(config-group-policy)#dns-server value 172.16.1.11
(config)#(config-group-policy)#vpn-tunnel-protocol IPSec
(config)#(config-group-policy)#default-domain value test.com
(config)#tunnel-group homevpn ipsec-ra
(config)#tunnel-group homevpn ipsec-attributes
(config-tunnel-ipsec)#pre-shared-key cisco123
(config)#tunnel-group homevpn general-attributes
(config-tunnel-general)#authentication-server-group LOCAL
(config-tunnel-ipsec)# default-group-policy homevpn
(config-tunnel-general)#address-pool VPNIP