Using IPsec to Secure IPv6 over an IPv4 Tunnel

shaguar0211 · 发表于 2009-12-4 16:37:07

拓扑图

配置
hostname R1
!
ip cef
!
ipv6 unicast-routing
ipv6 cef
!
crypto isakmp policy 1
encr aes
authentication pre-share
group 2
crypto isakmp key ipv6ipsec address 192.168.23.3
!
crypto ipsec transform-set ipv6ipsec ah-sha-hmac esp-aes
!
crypto map ipv6ipsec 10 ipsec-isakmp
set peer 192.168.23.3
set transform-set ipv6ipsec
match address 101
!
interface Tunnel0
no ip address
ipv6 address FC00:1133::1/32
tunnel source 192.168.12.1
tunnel destination 192.168.23.3
tunnel mode ipv6ip
crypto map ipv6ipsec
!
interface Loopback0
description only.for.ipv4
ip address 1.1.1.1 255.255.255.255
!
interface Loopback1
description only.for.ipv6
no ip address
ipv6 address FC00:1::1/128
ipv6 enable
!
interface Ethernet1/2
ip address 192.168.12.1 255.255.255.0
duplex full
crypto map ipv6ipsec
!
router ospf 100
router-id 1.1.1.1
log-adjacency-changes
redistribute connected subnets
redistribute static subnets
network 192.168.0.0 0.0.255.255 area 0
!
access-list 101 permit ip host 192.168.12.1 host 192.168.23.3
!
ipv6 route FC00:3::3/128 Tunnel0

hostname R2
!
ip cef
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface Ethernet1/1
ip address 192.168.12.2 255.255.255.0
duplex full
!
interface Ethernet1/3
ip address 192.168.23.2 255.255.255.0
duplex full
!
router ospf 100
router-id 2.2.2.2
log-adjacency-changes
redistribute connected subnets
redistribute static subnets
network 192.168.0.0 0.0.255.255 area 0

hostname R3
!
ip cef
!
ipv6 unicast-routing
ipv6 cef
!
crypto isakmp policy 1
encr aes
authentication pre-share
group 2
crypto isakmp key ipv6ipsec address 192.168.12.1
!
crypto ipsec transform-set ipv6ipsec ah-sha-hmac esp-aes
!
crypto map ipv6ipsec 10 ipsec-isakmp
set peer 192.168.12.1
set transform-set ipv6ipsec
match address 101
!
interface Tunnel0
no ip address
ipv6 address FC00:1133::3/32
tunnel source 192.168.23.3
tunnel destination 192.168.12.1
tunnel mode ipv6ip
crypto map ipv6ipsec
!
interface Loopback0
description only.for.ipv4
ip address 3.3.3.3 255.255.255.255
!
interface Loopback1
description only.for.ipv6
no ip address
ipv6 address FC00:3::3/128
ipv6 enable
!
interface Ethernet1/2
ip address 192.168.23.3 255.255.255.0
duplex full
crypto map ipv6ipsec
!
router ospf 100
router-id 3.3.3.3
log-adjacency-changes
redistribute connected subnets
redistribute static subnets
network 192.168.0.0 0.0.255.255 area 0
!
access-list 101 permit ip host 192.168.23.3 host 192.168.12.1
!
ipv6 route FC00:1::1/128 Tunnel0

～太傻～ · 发表于 2009-12-6 10:01:31

我在努力中

凌波微步 · 发表于 2009-12-7 10:09:29

不错不错.,..我喜欢

显示全部楼层 · 发表于 2009-12-7 10:23:11

提示: 作者被禁止或删除内容自动屏蔽

地板 2009-12-7 10:23:11 回复收起回复

alex_lxyz · 发表于 2010-4-8 01:27:00

谢谢谢谢谢谢

delwei · 发表于 2012-2-25 12:17:57

最近鸭梨真的很大啊

逸徵羽 · 发表于 2018-10-21 22:15:28

感谢楼主分享，谢谢！

sanghoyun · 发表于 2018-11-10 12:41:24

nice tip!

chery1028 · 发表于 2018-11-11 16:18:24

感谢楼主分享！

账号		自动登录	找回密码
密码			论坛注册

zzz1230 该用户已被删除	发表于 2009-12-7 10:23:11 \| 显示全部楼层提示: 作者被禁止或删除内容自动屏蔽地板 2009-12-7 10:23:11 回复(0) 收起回复我要说一句
zzz1230 该用户已被删除
	回复支持反对使用道具举报

[分享] Using IPsec to Secure IPv6 over an IPv4 Tunnel

我在努力中

不错不错.,..我喜欢

客服中心

投诉建议