[cisco-ttl] ipsec / diffie hellman vs.

From: ege iyioglu ([email protected])
Date: Sat Apr 05 2003 - 09:50:15 GMT

  • Next message: ege iyioglu: "Re: [cisco-ttl] ipsec / diffie hellman vs."

    selam
    1700 router da ipsec te diffie hellman 2 (1024 bit) kullanmak icin ne yapmam gerekiyor?
    sh run im asagidaki gibi..

    Current configuration : 2413 bytes
    !
    version 12.2
    service timestamps debug uptime
    service timestamps log uptime
    service password-encryption
    !
    hostname
    !
    logging buffered 4096 debugging
    no logging console
    enable secret 5 $1$Z93x$xnme.
    !
    username aaa password 7
    memory-size iomem 25
    ip subnet-zero
    no ip source-route
    !
    !
    ip telnet source-interface
    ip name-server 112.252.119.3
    ip name-server 112.252.119.4
    !
    ip ssh time-out 120
    ip ssh authentication-retries 3
    chat-script generic "" "atz" "OK" "atdt 08225613504" TIMEOUT 60 "CONNECT"\
    !
    crypto isakmp policy 1
     authentication pre-share
    crypto isakmp key siska13 address 203.64.43.126
    !
    !
    crypto ipsec transform-set rtpset esp-des esp-sha-hmac
    crypto mib ipsec flowmib history tunnel size 200
    crypto mib ipsec flowmib history failure size 200
    !
    crypto map rtp local-address FastEthernet0/0
    crypto map rtp 1 ipsec-isakmp
     set peer 203.64.43.126
     set transform-set rtpset
     match address 115
    !
    !
    !
    !
    interface Ethernet0/0
     ip address 10.1.1.151 255.255.255.0
     half-duplex
     no cdp enable
    !
    interface FastEthernet0/0
     ip address 203.64.124.57 255.255.255.248
     speed auto
     no cdp enable
    !
    interface Serial1/0
     backup delay 5 5
     backup interface Serial1/1
     ip address 203.54.98.78 255.255.255.252
     no ip proxy-arp
     no fair-queue
     no cdp enable
     crypto map rtp
    !
    interface Serial1/1
     physical-layer async
     ip address negotiated
     encapsulation ppp
     no ip route-cache
     no ip mroute-cache
     dialer in-band
     dialer idle-timeout 1800
     dialer string generic
     dialer-group 1
     async dynamic routing
     async mode interactive
     no peer default ip address
     ppp pap sent-username ziraat password 7 04490A5E7428784B05
    !
    ip classless
    ip route 0.0.0.0 0.0.0.0 Serial1/0
    ip route 0.0.0.0 0.0.0.0 Serial1/1 100
    ip route 0.0.0.0 0.0.0.0 FastEthernet0/0 150
    no ip http server
    ip pim bidir-enable
    !
    access-list 115 permit ip 10.1.1.0 0.0.0.255 host 172.16.20.2
    access-list 115 deny ip 10.1.
    access-list 115 deny ip any any
    dialer-list 1 protocol ip permit
    no cdp run
    !
    !
    line con 0
     exec-timeout 0 0
    line 2
     exec-timeout 0 0
     script dialer generic
     modem InOut
     autocommand ppp
     transport preferred telnet
     transport input telnet
     transport output telnet
     stopbits 1
     speed 115200
     flowcontrol hardware
    line aux 0
    line vty 0 4
     password 7 091D1C5B1C101A41595D
     login loca
    line vty 5 15
     password 7 091D1C5H1A101X41545T
     login local
    !
    end



    This archive was generated by hypermail 2.1.5 : Sat Apr 05 2003 - 13:59:22 GMT