ip address 172.10.2.2 255.255.255.0
tunnel source FastEthernet0/1
tunnel destination 10.10.8.1
!
!
interface Tunnel2
ip address 172.10.1.1 255.255.255.0
tunnel source FastEthernet0/0
tunnel destination 10.10.11.2
!
!
interface FastEthernet0/0
ip address 10.10.10.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 10.10.9.2 255.255.255.0
duplex auto
speed auto
!
interface Ethernet0/1/0
ip address 22.22.4.1 255.255.255.0
duplex auto
speed auto
!
interface Ethernet0/2/0
ip address 192.168.3.1 255.255.255.0
ip access-group 110 out
duplex auto
speed auto
!
interface Ethernet0/3/0
ip address 10.10.5.2 255.255.255.0
duplex auto
speed auto
!
interface Vlan1
no ip address
shutdown
!
router eigrp 1
network 10.10.5.0 0.0.0.255
network 10.10.10.0 0.0.0.255
network 10.10.9.0 0.0.0.255
no auto-summary
!
router ospf 1
log-adjacency-changes
network 22.22.4.0 0.0.0.255 area 0
network 192.168.3.0 0.0.0.255 area 0
network 172.10.2.0 0.0.0.255 area 0
network 172.10.1.0 0.0.0.255 area 0
!
ip classless
!
!
access-list 110 permit udp host 22.22.4.2 host 192.168.3.2 eq domain
access-list 110 permit udp host 22.22.4.3 host 192.168.3.2 eq domain
access-list 110 permit udp host 22.22.4.4 host 192.168.3.2 eq domain
access-list 110 permit udp host 22.22.4.5 host 192.168.3.2 eq domain
access-list 110 permit tcp host 22.22.4.2 host 192.168.3.2 eq www
access-list 110 permit tcp host 22.22.4.3 host 192.168.3.2 eq www
access-list 110 deny udp any any
access-list 110 deny tcp any any
access-list 110 permit ip any any
!
Маршрутизатор7 филиала
!
crypto isakmp policy 1
encr 3des
authentication pre-share
lifetime 28800
!
crypto isakmp key 12345 address 0.0.0.0 0.0.0.0
!
!
crypto ipsec transform-set KURS esp-3des esp-sha-hmac
!
crypto map CISCO1 10 ipsec-isakmp
set peer 10.10.12.2
set pfs group5
set transform-set KURS
match address 102
!
interface Tunnel1
ip address 172.10.0.1 255.255.255.0
tunnel source FastEthernet0/1
tunnel destination 10.10.12.2
!
!
interface Tunnel2
ip address 172.10.6.2 255.255.255.0
tunnel source FastEthernet0/0
tunnel destination 10.10.15.1
!
!
interface FastEthernet0/0
ip address 10.10.14.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 10.10.13.1 255.255.255.0
duplex auto
speed
auto
crypto map CISCO1
!
interface Ethernet0/1/0
ip address 22.22.15.1 255.255.255.0
duplex auto
speed auto
!
interface Ethernet0/3/0
ip address 192.168.5.1 255.255.255.0
ip access-group 110 out
duplex auto
speed auto
!
interface Vlan1
no ip address
shutdown
!
router eigrp 1
network 10.10.13.0 0.0.0.255
network 10.10.14.0 0.0.0.255
no auto-summary
!
router ospf 1
log-adjacency-changes
network 172.10.0.0 0.0.0.255 area 0
network 172.10.6.0 0.0.0.255 area 0
network 22.22.15.0 0.0.0.255 area 0
network 192.168.5.0 0.0.0.255 area 0
!
ip classless
!
!
access-list 102 permit gre host 10.10.13.1 host 10.10.12.2
access-list 110 permit udp host 22.22.6.3 host 192.168.5.2 eq domain
access-list 110 permit udp host 22.22.6.5 host 192.168.5.2 eq domain
access-list 110 permit tcp host 22.22.6.3 host 192.168.5.2 eq www
access-list 110 permit tcp host 22.22.6.6 host 192.168.5.2 eq www
access-list 110 deny udp any any
access-list 110 deny tcp any any
access-list 110 permit ip any any
!
Маршрутизатор8 филиала
!
crypto isakmp policy 1
encr 3des
authentication pre-share
lifetime 28800
!
crypto isakmp key 12345 address 0.0.0.0 0.0.0.0
!
!
crypto ipsec transform-set KURS esp-3des esp-sha-hmac
!
crypto map CISCO1 10 ipsec-isakmp
set peer 10.10.13.1
set
pfs group5
set transform-set KURS
match address 102
!
interface Tunnel1
ip address 172.10.1.2 255.255.255.0
tunnel source FastEthernet0/1
Уважаемый посетитель!
Чтобы распечатать файл, скачайте его (в формате Word).
Ссылка на скачивание - внизу страницы.