IPSEC H3C MSR路由器到GCP配置脚本
GCP ike类型 传统网关 IKEV2 相关端口UPD 500 4500
文档 :
参数说明:
路由器增加配置
功能
|
配置片段
|
|
---|---|---|
ACL | # acl number 3099 description TO-GCP rule 0 permit ip source 10.0.0.0 0.0.255.255 destination 172.1.1.0 0.0.0.255 # |
|
ike 与 ipsec | # ipsec transform-set togcp esp encryption-algorithm aes-cbc-256 esp authentication-algorithm sha256 # ikev2 keychain togcp peer gcpszn address 1.1.1.1 255.255.255.255 identity address 34.97.183.140 pre-shared-key ciphertext $c$1la8/J5nF ## ipsec policy policymuss 40 isakmp transform-set togcp security acl 3099 remote-address 1.1.1.1 ikev2-profile togcp #interface GigabitEthernet5/7 port link-mode route ipsec apply policy policymuss |
|
路由 | ip route-static 172.1.1.0 24 192.168.255.1 description LAN
ip route-static 1.1.1.1 32 192.168.255.1 description GCP-PSECVPN |
阅读剩余
版权声明:
作者:zhangyin
链接:https://blog.zhangyin.net/590.html
文章版权归作者所有,未经允许请勿转载。
THE END