Winnipeg(config)#crypto ipsec transform-set
TO-EDMONTON esp-des esp-md5-hmac
Creates the transform set
TO-EDMONTON for the
IKE phase 2 policy
Winnipeg(cfg-crypto-trans)#exit Exits cfg-crypto-trans
con?¬?guration mode
Con?¬?guring GRE Tunnels over IPsec 49
Step 5a: Specify Static Routing for the GRE over IPsec Tunnel
Step 5b: Specify Routing with OSPF for the GRE over IPsec Tunnel
NOTE: GRE is multiprotocol and can tunnel any OSI Layer 3 protocol.
Winnipeg(config)#ip route 0.0.0.0 0.0.0.0
128.107.55.10
Con?¬?gures a static default
route to the physical nexthop
IP address
Winnipeg(config)#ip route 10.10.30.0
255.255.255.0 192.168.3.2
Con?¬?gures a static route
for (local) tunnel traf?¬?c
giving the far-end tunnel
address as the next-hop IP
address
Winnipeg(config)#router ospf 1 Enables OSPF with
process ID 1
Winnipeg(config-router)#passive-interface
fastethernet 0/0
Disables OSPF routing
updates on interface
FastEthernet 0/0
Winnipeg(config-router)#passive-interface
fastethernet 0/1
Disables OSPF routing
updates on interface
FastEthernet 0/1
NOTE: Interface
Tunnel0 is the only
interface participating
in OSPF.
Winnipeg(config-router)#network 192.168.30.0
0.0.0.255 area 0
Con?¬?gures 192.
Pages:
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57