Scribd
Upload
15 views

Tunnel Mode

The running configuration of routers R2 and R3 are displayed. R2 has a more complex configuration including SSL VPN support using a self-signed certificate. R3 has a simpler configuration focusing on NAT and routing functions.

Uploaded by

erabhinav16
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
15 views

Tunnel Mode

The running configuration of routers R2 and R3 are displayed. R2 has a more complex configuration including SSL VPN support using a self-signed certificate. R3 has a simpler configuration focusing on NAT and routing functions.

Uploaded by

erabhinav16
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 6

R2#sh running-config

Building configuration...

Current configuration : 3682 bytes


!
upgrade fpd auto
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
aaa new-model
!
!
aaa authentication login ssl local
!
!
aaa session-id common
ip source-route
no ip icmp rate-limit unreachable
ip cef
!
!
!
!
ip name-server 10.1.1.1
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
crypto pki trustpoint TP-self-signed-4279256517
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-4279256517
revocation-check none
rsakeypair TP-self-signed-4279256517
!
!
crypto pki certificate chain TP-self-signed-4279256517
certificate self-signed 01
3082023A 308201A3 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 34323739 32353635 3137301E 170D3135 30333237 31343431
32345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D34 32373932
35363531 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
810093EE 84346FE4 760824BE FA6BDBF2 79955654 6D2BE061 3B9E0AC0 89F336A2
66DD3D16 5BD59ECD 8C08D41C 8A6AF098 5A6EF706 2EA635BB B71B6C87 E0EDE129
CF9EB18C 7C2CF1B9 81F662ED 24D08D8E EB8896E9 BE204249 B0052185 356A072C
475288D5 C405B5EC 44647513 AD123DEB 72D9185A 4FEC5B55 BF3C5BEF 0B1F412F
86350203 010001A3 62306030 0F060355 1D130101 FF040530 030101FF 300D0603
551D1104 06300482 02523230 1F060355 1D230418 30168014 B7779DEC 37F5689A
8B649FA8 82DFE294 657C3D80 301D0603 551D0E04 160414B7 779DEC37 F5689A8B
649FA882 DFE29465 7C3D8030 0D06092A 864886F7 0D010104 05000381 8100115F
BD9D3CA4 8AF03473 454E26A3 2E6AB23A F214C029 D589625A 1221C340 D6EB3855
9B17E6D1 52169941 1BDD841A 2A8186A5 EB2E73C3 D3E14D09 A5A43333 A8914B72
7EE623BB 30E244CF ABAAA929 0E157E9B DB223CC3 C83C6476 25010481 44D8E55A
71D4DF1B 51540D1D 70A89CB8 AF6CBB67 5D665440 71883DA8 EDE1B31E 898A
quit
memory-size iomem 0
username sslvpn password 0 sslvpn
archive
log config
hidekeys
!
!
!
!
!
ip tcp synwait-time 5
!
!
!
!
interface FastEthernet0/0
ip address 10.1.1.10 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 145.1.11.2 255.255.255.0
duplex auto
speed auto
!
interface Virtual-Template1
ip unnumbered FastEthernet0/1
!
router rip
version 2
network 145.1.0.0
no auto-summary
!
ip local pool SSL 10.1.20.1 10.1.20.100
ip forward-protocol nd
no ip http server
ip http secure-server
!
!
!
!
!
!
!
!
!
control-plane
!
!
!
mgcp fax t38 ecm
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line vty 0 4
!
!
webvpn gateway sslvpn-gw
hostname ssl
ip interface Virtual-Template1 port 443
ssl encryption rc4-md5
ssl trustpoint TP-self-signed-4279256517
inservice
!
webvpn gateway GW
ssl trustpoint TP-self-signed-4279256517
no inservice
!
webvpn install svc disk0:/webvpn/svc_1.pkg sequence 1
!
webvpn context sslvpn
ssl authenticate verify all
!
url-list "WEB-PORTAL"
heading "Cisco TAC"
url-text "Cisco Support Home" url-value "www.cisco.com"
url-text "Juniper Sales" url-value "www.junos.com"
!
login-message "Welcome to SSL-PORTAL"
!
policy group POL
url-list "WEB-PORTAL"
functions svc-enabled
svc address-pool "SSL"
svc split include 10.1.1.1 255.255.255.255
default-group-policy POL
aaa authentication list ssl
gateway sslvpn-gw
inservice
!
end

===============================================

R3#sh run
R3#sh running-config
Building configuration...

Current configuration : 1337 bytes


!
upgrade fpd auto
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
ip source-route
no ip icmp rate-limit unreachable
ip cef
!
!
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
memory-size iomem 0
archive
log config
hidekeys
!
!
!
!
!
ip tcp synwait-time 5
!
!
!
!
interface FastEthernet0/0
ip address 192.168.2.1 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 145.1.11.3 255.255.255.0
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
router rip
version 2
network 145.1.0.0
no auto-summary
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source list 1 interface FastEthernet0/1 overload
ip nat inside source static 192.168.2.100 interface FastEthernet0/1
!
access-list 1 permit 192.168.2.0 0.0.0.255
!
!
!
!
!
!
control-plane
!
!
!
mgcp fax t38 ecm
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line vty 0 4
login
!
end

R3#

You might also like