一、 基于路由器的站点到站点的张家界旅游几月份去好VPN
1、 创建IKE策略,创建管理连接
Crypto isakmp policy 1
        Encryption des
朴善怜        Hash sha
        Authentication rsa
        Group 1
        Exit
Crypto isakmp key cisco address 200.1.1.1
2、 创建数据连接
Access-list 100 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
Crypto ipsec transform-set vpn-set esp-aes ah-sha-hmac
        Mode tunnel
Crypto map vpn-map 1 ipsec-isakmp
        Match address 100
        Set peer 200.1.1.1
        Set transform-set vpn-set
        Exit
Interface f0/0
Crypto map vpn-map
二、 基于防火墙的站点到站点的VPN
1、 配置NAT豁免
Access-list 100 permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0
颉彦君
Nat (inside) 0 access-list 100
2、 创建管理连接
Crypto isakmp enable outside
Crypto iskamp policy 1
        Encryption 3des
        Hash sha
        Authentication pre-share
        Group 2
        Exit
Isakmp key cisco address 200.1.1.1
3、 创建数据连接
Crypto ipsec transform-set vpn-set esp-aes esp-sha-hmac
Crypto map vpn-map 1 match address 100
Crypto map vpn-map 1 set transform-set vpn-set
Crypto map vpn-map 1 set peer 200.1.1.1
Crypto map vpn-map interface outside
三、 基于路由器的Easy VPN
1、 启用AAA服务
Aaa new-module
Aaa authentication login vpn-authen local
Aaa authorization network vpn-author local
Username wjc password 123
2、 创建管理连接
Crypto isakmp policy 1
        Encryption aes
        Hash sha
        Authentication pre-share
        Group 2
        Exit
3、 创建本地组
Ip local pool vpn-pool 192.168.1.1 192.168.1.10
Access-list 100 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
Crypto iskamp client configuration group vpn-group
        Key cisco
        Pool vpn-pool
        Acl 100
        Exit
4、 创建数据连接
Crypto ipsec transform-set vpn-set esp-aes esp-sha-hmac
Crypto dynamic-map vpn-dymap 1
    Set transform-set vpn-set
    Exit
Crypto map vpn-map client authentication list vpn-authen
Crypto map vpn-map isakmp network list vpn-author
张沫凡恋情
Crypto map vpn-map client configuration address respond
Crypto map vpn-map 1 dynamic vpn-dymap
Interface f0/0
Crypto map vpn-map
四、 基于防火墙的Easy VPN
1、 配置用户名、密码
Username wjc password 123
2、 创建管理连接
Crypto isakmp enable outside
Crypto isakmp policy 1
        Encryption 3des
        Hash sha
        Authentication pre-share
        Group 2
        Exit
3、 创建组策略
ip local pool vpn-pool 192.168.1.1-192.168.1.10
access-list 100 permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0
Group-policy vpn-group-policy internal
Group-policy vpn-group-policy attributes
    Split-tunnel-policy tunnelspecified
    Split-tunnel-network-list value 100
    Exit
4、 创建隧道组
Tunnel-group vpn-tunnel-group type ipsec-ra   
Tunnel-group vpn-tunnel-group general-attributes
        Address-pool vpn-pool
        Default-group-policy vpn-group-policy
        Exit
Tunnel-group vpn-tunnel-group ipsec-attributes
        Pre-shared-key cisco
        Exit
5、 创建数据连接
文化的特点Crypto ipsec transform-set vpn-set esp-aes esp-sha-hmac
Crypto dynamic map 1 vpn-dymap set transform-set vpn-set
Crypto map vpn-map 1 dynamic vpn-dymap
Crypto map vpn-map interface outside
五、 基于防火墙的SSL VPN
1、 开启WEBVPN
Webvpn
Enable outside
Svc image disk0:/sslclient
Svc enable
2、 创建组策略
Ip local pool vpn-pool 192.168.1.1-192.168.1.10
Access-list 100 permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0
Group-policy vpn-group-policy internal
Group-policy vpn-group-policy attributes
        Tunnel-group-policy webvpn svc
        Split-tunnel-policy tunnelspecified
文案句子        Split-tunnel-network-list value 100
        Webvpn
        Svc ask enable
3、 创建隧道组
Tunnel-group vpn-tunnel-group type webvpn
Tunnel-group vpn-tunnel-group general-attributes
    Address-pool vpn-pool
    Default-group-policy vpn-group-policy
    Exit
Tunnel-group vpn-tunnel-group webvpn-attributes
    Group-alias group enable
    Exit
4、 应用隧道组
Webvpn
Tunnel-group-list enable