{"id":603,"date":"2013-12-09T19:05:59","date_gmt":"2013-12-09T19:05:59","guid":{"rendered":"http:\/\/pingtool.org\/?p=603"},"modified":"2013-12-09T19:07:14","modified_gmt":"2013-12-09T19:07:14","slug":"cisco-ios-remote-access-and-site-to-site-vpn-same-router-example","status":"publish","type":"post","link":"https:\/\/pingtool.org\/ru\/cisco-ios-remote-access-and-site-to-site-vpn-same-router-example\/","title":{"rendered":"\u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 VPN \u0442\u0443\u043d\u043d\u0435\u043b\u044f \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0430 Cisco IOS"},"content":{"rendered":"<p>\u041e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 VPN \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0439 \u043c\u0435\u0436\u0434\u0443 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c\u0438 \u0441\u0435\u0442\u044f\u043c\u0438 (lan2lan) \u0438 VPN \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0439 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 (remote access) \u0442\u0440\u0435\u0431\u0443\u044e\u0442 \u043e\u0441\u043e\u0431\u043e\u0433\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f.<\/p>\n<p><strong>1. crypto isakmp key Pr3sh4r3DKEY address 89.123.45.6 no-xauth<\/strong><br \/>\n\u041d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u0442\u044c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 <strong>no-xauth<\/strong> \u0434\u043b\u044f IP \u0430\u0434\u0440\u0435\u0441\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0432 Lan2Lan VPN.<\/p>\n<p><strong>2. crypto map VPNMAP <strong>65535<\/strong> ipsec-isakmp dynamic DYNMAP<\/strong><br \/>\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0439\u0442\u0435 \u043f\u043e\u0440\u044f\u0434\u043a\u043e\u0432\u044b\u0439 \u043d\u043e\u043c\u0435\u0440 65535 \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0447\u0442\u043e \u0431\u044b \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u043a\u043e\u043d\u0444\u043b\u0438\u043a\u0442\u043e\u0432 \u0441 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 VPN \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f\u043c\u0438.<\/p>\n<p><strong>\u041f\u0440\u0438\u043c\u0435\u0440 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 Cisco IOS<\/strong> \u0440\u0443\u0442\u0435\u0440\u0430 \u0441 \u0434\u0432\u0443\u043c\u044f \u0442\u0438\u043f\u0430\u043c\u0438 VPN \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0439:<\/p>\n<p><code><\/p>\n<p>crypto isakmp policy 1<br \/>\n encr aes 256<br \/>\n authentication pre-share<br \/>\n group 2<\/p>\n<p>crypto isakmp key Pr3sh4r3DKEY address 89.123.45.6 no-xauth<\/p>\n<p>crypto isakmp client configuration group REMOTEGROUP<br \/>\n key<br \/>\n dns 10.18.19.2<br \/>\n pool REMOTEPOOL<br \/>\n acl 110<br \/>\n!<br \/>\n!<br \/>\ncrypto ipsec transform-set REMOTEVPN esp-3des esp-sha-hmac<br \/>\n!<br \/>\ncrypto dynamic-map DYNMAP 10<br \/>\n set transform-set REMOTEVPN<br \/>\n!<br \/>\n!<\/p>\n<p>crypto map VPNMAP client authentication list vpnuserauth<br \/>\ncrypto map VPNMAP isakmp authorization list vpngroupauthor<br \/>\ncrypto map VPNMAP client configuration address respond<\/p>\n<p>crypto map VPNMAP 5 ipsec-isakmp<br \/>\n set peer 213.219.124.154<br \/>\n set transform-set REMOTEVPN<br \/>\n set pfs group2<br \/>\n match address VPN_ACL<\/p>\n<p>crypto map VPNMAP 65535 ipsec-isakmp dynamic DYNMAP<\/p>\n<p>ip local pool REMOTEPOOL 192.168.100.10 192.168.100.20<\/p>\n<p><\/code><\/p>","protected":false},"excerpt":{"rendered":"<p>\u041e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 VPN \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0439 \u043c\u0435\u0436\u0434\u0443 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c\u0438 \u0441\u0435\u0442\u044f\u043c\u0438 (lan2lan) \u0438 VPN \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0439 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 (remote access) \u0442\u0440\u0435\u0431\u0443\u044e\u0442 \u043e\u0441\u043e\u0431\u043e\u0433\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f. 1. crypto isakmp key Pr3sh4r3DKEY address 89.123.45.6 no-xauth \u041d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u0442\u044c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 no-xauth \u0434\u043b\u044f IP \u0430\u0434\u0440\u0435\u0441\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0432 Lan2Lan VPN. 2. crypto &hellip; <a href=\"https:\/\/pingtool.org\/ru\/cisco-ios-remote-access-and-site-to-site-vpn-same-router-example\/\">\u0427\u0438\u0442\u0430\u0442\u044c \u0434\u0430\u043b\u0435\u0435 <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ngg_post_thumbnail":0,"footnotes":""},"categories":[13],"tags":[9,10],"class_list":["post-603","post","type-post","status-publish","format-standard","hentry","category-networking","tag-cisco","tag-vpn"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/pingtool.org\/ru\/wp-json\/wp\/v2\/posts\/603","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pingtool.org\/ru\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pingtool.org\/ru\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pingtool.org\/ru\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/pingtool.org\/ru\/wp-json\/wp\/v2\/comments?post=603"}],"version-history":[{"count":6,"href":"https:\/\/pingtool.org\/ru\/wp-json\/wp\/v2\/posts\/603\/revisions"}],"predecessor-version":[{"id":643,"href":"https:\/\/pingtool.org\/ru\/wp-json\/wp\/v2\/posts\/603\/revisions\/643"}],"wp:attachment":[{"href":"https:\/\/pingtool.org\/ru\/wp-json\/wp\/v2\/media?parent=603"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pingtool.org\/ru\/wp-json\/wp\/v2\/categories?post=603"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pingtool.org\/ru\/wp-json\/wp\/v2\/tags?post=603"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}