126
User
Manual
GWG Gateway
set isakmp–profile L2L
match address 121
!
!––– Crypto–map only references instances of the previous dynamic crypto map.
!
crypto map
GWG
10 ipsec–isakmp dynamic
dynGWG
!
interface FastEthernet0/0
description WAN INTERFACE
ip address 150.160.170.1 255.255.255.252
ip nat outside
no ip route–cache
no ip mroute–cache
duplex auto
speed auto
crypto map GWG
!
interface FastEthernet0/1
description LAN INTERFACE
ip address 10.10.10.1 255.255.255.0
ip nat inside
no ip route–cache
no ip mroute–cache
duplex auto
speed auto
!
ip route 0.0.0.0 0.0.0.0 150.160.170.2
!
ip http server
no ip http secure–server
ip nat inside source list nat_list interface FastEthernet0/0 overload
!
ip access–list extended nat_list
deny ip 10.10.10.0 0.0.0.255 192.168.10.0 0.0.0.255
permit ip 10.10.10.0 0.0.0.255 any
access-list 121 permit ip 10.10.10.0 0.0.0.255 192.168.10.0 0.0.0.255
!
access–list 23 permit any
!
line con 0
line aux 0
line vty 0 4
access–class 23 in
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access–class 23 in
privilege level 15
login local
transport input telnet ssh
!
end
Use this section to confirm that your configuration works properly. Debug commands that run on the
Cisco router can confirm that the correct parameters are matched for the remote connections.
•
show ip interface
—Displays the IP address assignment to the spoke router.
•
show crypto isakmp sa detail
—Displays the IKE SAs, which have been set–up between the IPsec
initiators.
•
show crypto ipsec sa
—Displays the IPsec SAs, which have been set–up between the IPsec initiators.
•
debug crypto isakmp
—Displays messages about Internet Key Exchange (IKE) events.
•
debug crypto ipsec
—Displays IPsec events.
•
debug crypto engine
—Displays crypto engine events.
Summary of Contents for GWG
Page 1: ...GWG Gateway USER MANUAL GWG Document version 1 0 1 Date July 2016 WWW GENEKO RS ...
Page 43: ...43 User Manual GWG Gateway Figure 22 RIP configuration page ...
Page 136: ...136 User Manual GWG Gateway Click OK Figure 125 Policies from trust to untrust zone ...
Page 156: ...156 User Manual GWG Gateway Figure 150 Configuration page for SIM keepalive ...