說明:這只是個Packet Tracer的簡單Lab,無聊複習用而已吧!
感覺怎麼出Lab都覺得只是把簡單的Lab擴大化而已,
這次會把Remote Access VPN需要打的指令標出來,
但不做指令解釋,在前一篇已有解釋。
這次只PO RO_A的,因為其它台的覺得沒什麼重要,就不PO囉
為了減少行數,刪除不必要之設定。
實作條件:
一、ISP的4顆Router要跑EIGRP協定
二、RO_A、RO_B建GRE並跑OSPF協定。
三、PC要能夠Remote Access VPN進RO_A。
四、其它就看圖應該大概知道了,也就不詳細明講囉。
先附上不專業PKT檔:選我選我 ( 載點失效,請回報 )
RO_A Show Run如下:
RO_A#sh run
Building configuration...
Current configuration : 1751 bytes
!
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname RO_A
!
ip dhcp pool LAN_POOL
network 192.168.10.0 255.255.255.0
default-router 192.168.10.254
dns-server 44.44.44.1
!
aaa new-model
aaa authentication login VPN local
aaa authorization network VPN local
!
username cater password 0 cater
username coolking password 0 coolking
User要創一個出來做驗證用
!
crypto isakmp policy 10
encr 3des
hash md5
authentication pre-share
group 2
!
crypto isakmp client configuration group EZVPN
key CISCO
pool VPN_POOL
!
crypto ipsec transform-set 3DES_MD5 esp-3des esp-md5-hmac
!
crypto dynamic-map DYNAMIC 10
set transform-set 3DES_MD5
reverse-route
!
crypto map VPN client authentication list VPN
crypto map VPN isakmp authorization list VPN
crypto map VPN client configuration address respond
crypto map VPN 20 ipsec-isakmp dynamic DYNAMIC
!
interface Tunnel10
ip address 10.10.10.1 255.255.255.0
tunnel source FastEthernet0/0
tunnel destination 33.33.33.1
!
interface FastEthernet0/0
ip address dhcp
ip nat outside
duplex auto
speed auto
crypto map VPN
!
interface FastEthernet0/1
ip address 192.168.10.254 255.255.255.0
ip nat inside
duplex auto
speed auto
!
interface Vlan1
no ip address
shutdown
!
router ospf 1
log-adjacency-changes
redistribute static metric 100 subnets
network 192.168.10.0 0.0.0.255 area 1
network 10.10.10.0 0.0.0.255 area 1
network 172.16.10.0 0.0.0.255 area 1
!
ip local pool VPN_POOL 172.16.10.1 172.16.10.200
ip nat inside source list 1 interface FastEthernet0/0 overload
ip classless
!
access-list 1 permit 192.168.10.0 0.0.0.255
!
line con 0
login
line vty 0 4
login
!
end