IPSec VPN 大家帮忙看看哪里出问题了

啥也不会的菜鸡

sy
sy ISP
int g0/0/0
ip add 12.0.0.1 24
int g0/0/1
ip add 13.0.0.1 24
q




sy
sy NJ
dhcp en
acl 3000
rule deny ip de 192.168.20.0 0.0.0.255
rule permit ip
acl 3001
rule permit ip de 192.168.20.0 0.0.0.255
q
int g0/0/1
ip add 12.0.0.2  24
nat outbound 3000
int g0/0/0
ip add 192.168.10.254 24
dhcp sel int
q
ip route-static 0.0.0.0 0 12.0.0.1
ike proposal 1
authentication-algorithm SM3
authentication-method pre-share
encryption-algorithm aes-cbc-256
dh group14
ipsec proposal NJ
encapsulation-mode tunnel
transform esp
esp authentication-algorithm sha2-256
esp encryption-algorithm aes-256
ike peer NJ v1
ike-proposal 1
pre-shared-key cipher ysl
exchange-mode main
local-address  12.0.0.2
remote-address 13.0.0.3
ipsec policy NJ 10 isakmp
ike-peer NJ
proposal NJ
sec acl 3001
q
int g0/0/1
ipsec policy NJ
q






sy
sy GZ
dhcp en
acl 3000
rule deny ip de 192.168.10.0 0.0.0.255
rule permit ip
acl 3001
rule permit ip de 192.168.10.0 0.0.0.255
q
int g0/0/0
ip add 13.0.0.3  24
nat outbound 3000
int g0/0/1
ip add 192.168.20.254 24
dhcp sel int
q
ip route-static 0.0.0.0 0 13.0.0.1
ike proposal 1
authentication-algorithm SM3
authentication-method pre-share
encryption-algorithm aes-cbc-256
dh group14
ipsec proposal GZ
encapsulation-mode tunnel
transform esp
esp authentication-algorithm sha2-256
esp encryption-algorithm aes-256
ike peer GZ v1
ike-proposal 1
pre-shared-key cipher ysl
exchange-mode main
local-address 13.0.0.3
remote-address 12.0.0.2
ipsec policy GZ 10 isakmp
ike-peer GZ
proposal GZ
sec acl 3001
q
int g0/0/0
ipsec policy GZ
q

啥也不会的菜鸡

我是新手，各位大佬前来指导

falcon2019

进来学习

啥也不会的菜鸡

没人吗

啥也不会的菜鸡

顶