easy vpn_在线百科全书查询
easy vpn
easy VPN又名EzVPN,是Cisco专用VPN技术。它分为EASY VPN SERVER和EASY VPN REMOTE两种,EASY VPN SERVER 是REMOT--ACCESS VPN专业设备。配置复杂,支持POLICY PUSHING等特性,现在的900、1700、PIX、VPN3002和ASA等很多设备都支持。此种技术应用在中小企业居多。如Cisco精睿系类的路由器都有整合easy VPN。
其中,server端的配置:
Building configuration...
Current configuration : 1798 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
aaa new-model
!
aaa authentication login default local
aaa authentication login sdm_vpn_xauth_ml_1 local
aaa authorization exec default local
aaa authorization network sdm_vpn_group_ml_1 local
!
aaa session-id common
!
resource policy
!
ip cef
!
no ip domain lookup
!
username warky privilege 15 password 0 123456
username cisco1 password 0 cisco
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
!
crypto isakmp client configuration group vpnclient
key 123456
dns 61.134.1.4
pool SDM_POOL_1
netmask 255.255.255.0
crypto isakmp profile sdm-ike-profile-1
match identity group vpnclient
client authentication list sdm_vpn_xauth_ml_1
isakmp authorization list sdm_vpn_group_ml_1
client configuration address respond
virtual-template 1
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
!
crypto ipsec profile SDM_Profile1
set security-association idle-time 300
set transform-set ESP-3DES-SHA
set isakmp-profile sdm-ike-profile-1
!
interface FastEthernet0/0
ip address 172.16.0.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Virtual-Template1 type tunnel
ip unnumbered FastEthernet0/0
tunnel mode ipsec ipv4
tunnel protection ipsec profile SDM_Profile1
!
ip local pool SDM_POOL_1 10.0.0.1 10.0.0.15
ip http server
ip http authentication local
no ip http secure-server
!
logging alarm informational
!
control-plane
!
gatekeeper
shutdown
!
line con 0
stopbits 1
line aux 0
line vty 0 4
!
end
客户端使用cisco的vpn client登录。
