最終更新:2020-05-29 (金) 12:05:59 (1427d)
UNIVERGE IX/設定/L2VPN
拠点1
hostname Router1 IX/コマンド/hostname Router1 username admin password plain secret administrator IX/コマンド/username admin password plain secret administrator ip route default GigaEthernet0.1 IX/コマンド/ip route default GigaEthernet0.1 ip access-list flt-list permit 50 src any dest 192.0.2.1/32 IX/コマンド/ip access-list flt-list permit 50 src any dest 192.0.2.1/32 ip access-list flt-list permit udp src any dest 192.0.2.1/32 dport eq 500 IX/コマンド/ip access-list flt-list permit udp src any dest 192.0.2.1/32 dport eq 500 ip access-list sec-list permit ip src 192.0.2.1/32 dest any IX/コマンド/ip access-list sec-list permit ip src 192.0.2.1/32 dest any ike proposal ikeprop encryption aes-256 hash sha2-256 IX/コマンド/ike proposal ikeprop encryption? aes-256 hash sha2-256 ike policy ike-policy peer any key secret-vpn mode aggressive ikeprop IX/コマンド/ike policy ike-policy peer any key secret-vpn mode aggressive ikeprop ike remote-id ike-policy keyid kyoten2 IX/コマンド/ike remote-id ike-policy keyid kyoten2? ike commit-bit ike-policy IX/コマンド/ike commit-bit ike-policy? ipsec autokey-proposal secprop esp-aes-256 esp-sha2-256 IX/コマンド/ipsec autokey-proposal secprop esp-aes-256 esp-sha2-256 ipsec dynamic-map ipsec-policy sec-list secprop ike ike-policy IX/コマンド/ipsec dynamic-map ipsec-policy? sec-list secprop ike ike-policy ipsec local-id ipsec-policy 192.168.0.1 IX/コマンド/ipsec local-id ipsec-policy? 192.168.0.1 ipsec remote-id ipsec-policy 192.168.0.2 IX/コマンド/ipsec remote-id ipsec-policy? 192.168.0.2 ipsec commit-bit ipsec-policy IX/コマンド/ipsec commit-bit ipsec-policy bridge irb enable IX/コマンド/bridge irb enable ppp profile ppp_profile IX/コマンド/ppp profile ppp_profile? authentication myname user-A@example.com IX/コマンド/authentication myname? user-A@example.com authentication password user-A@example.com password-1 IX/コマンド/authentication password? user-A@example.com password-1 interface GigaEthernet1.0 IX/コマンド/interface GigaEthernet1.0 bridge-group 1 IX/コマンド/bridge-group 1 no shutdown IX/コマンド/no shutdown? interface GigaEthernet0.1 IX/コマンド/interface GigaEthernet0.1 ppp binding ppp_profile IX/コマンド/ppp binding ppp_profile? ip address 192.0.2.1/32 IX/コマンド/ip address 192.0.2.1/32 ip filter flt-list 1 in IX/コマンド/ip filter flt-list 1 in no shutdown IX/コマンド/no shutdown? interface BVI1 IX/コマンド/interface BVI1? ip address 192.168.0.1/24 IX/コマンド/ip address 192.168.0.1/24 bridge-group 1 IX/コマンド/bridge-group 1 no shutdown IX/コマンド/no shutdown? interface Tunnel0.0 IX/コマンド/interface Tunnel0.0 tunnel mode ether-ip ipsec IX/コマンド/tunnel mode ether-ip ipsec ipsec policy transport ipsec-policy with-id-payload IX/コマンド/ipsec policy transport ipsec-policy with-id-payload? bridge-group 1 IX/コマンド/bridge-group 1 bridge ip tcp adjust-mss 1300 IX/コマンド/bridge ip tcp adjust-mss? 1300 no shutdown IX/コマンド/no shutdown?
